https://bugzilla.mindrot.org/show_bug.cgi?id=3085
Bug ID: 3085
Summary: seccomp issue after upgrading openssl
Product: Portable OpenSSH
Version: 8.1p1
Hardware: Other
OS: Linux
Status: NEW
Severity: critical
Priority: P5
Component: sshd
Assignee: [email protected]
Reporter: [email protected]
hi
after upgrading openssl from 1.0.2p to 1.1.1d and recompiling my
previously working version of openssh-8.1p1, I suddenly cannot connect
any more:
debug1: SSH2_MSG_KEXINIT sent
Connection reset by 81.209.177.7 port 1111
The server side looks like this:
Connection from 81.209.177.119 port 55768 on 81.209.177.7 port 1111
debug1: Local version string SSH-2.0-OpenSSH_8.1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_8.1
debug1: match: OpenSSH_8.1 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing seccomp filter sandbox
debug2: Network child is on pid 17293
debug3: preauth child monitor started
debug3: privsep user:group 39:38 [preauth]
debug1: permanently_set_uid: 39/38 [preauth]
debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive entering
debug1: do_cleanup
debug1: Killing privsep child 17293
Adding --with-sandbox=rlimit to the configure options solved the
problem so it must be related to the seccomp sandbox. I know there have
been fixes to it regarding openssl. Is it possible that there are still
issues?
I have Linux Kernel 4.9.195 with glibc 2.30 and gcc 7.3.0.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
