I've beaten lshd into submission on gnudist, and was just taking a moment 
to test with OpenSSH.  

What's interesting is that on gnudist I only have my DSA key for lsh 
loaded in, I just wanted to see what would happen with OpenSSH, so I 
tried connecting and it asked me for the key to decrypt my DSA key.  When 
I typed in the password for decryption, the server segfaulted.  Here's 
the info:

On gnudist:

gnudist:~# gdb lshd
GNU gdb 4.17.m68k.objc.threads.hwwp.fpu.gnat
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i486-pc-linux-gnu"...
(gdb) set args --no-password --verbose
(gdb) run
Starting program: /usr/local/sbin/lshd --no-password --verbose
warning: Unable to find dynamic linker breakpoint function.
warning: GDB will be unable to debug shared library initializers
warning: and track explicitly loaded dynamic code.
Garbage collecting while busy...
Objects alive: 93, garbage collected: 36
Accepting connection from 24.113.91.74, port 712
Initiating handshake with 24.113.91.74
Client version: SSH-2.0-OpenSSH-2.1
Server version: SSH-2.0-lshd_1.0.1 lsh - a free ssh
Selected keyexchange algorithm: diffie-hellman-group1-sha1
  with hostkey algorithm:       ssh-dss
Selected bulk algorithms: (client to server, server to client)
  Encryption:             (3des-cbc, 3des-cbc)
  Message authentication: (hmac-sha1, hmac-sha1)
  Compression:            (none, none)

Program received signal SIGSEGV, Segmentation fault.
0x805c8d8 in do_authenticate (s=0x808b610, connection=0x808e688, 
    username=0x809ff08, service=19, args=0xbfffb9dc, c=0x809fee0, 
e=0x80a15a8)
    at server_publickey.c:173
173               if (VERIFY(v, signed_data->length, signed_data->data, 
signature_length, signature_blob))
(gdb) bt
#0  0x805c8d8 in do_authenticate (s=0x808b610, connection=0x808e688, 
    username=0x809ff08, service=19, args=0xbfffb9dc, c=0x809fee0, 
e=0x80a15a8)
    at server_publickey.c:173
#1  0x805de6c in do_handle_userauth (s=0x80a1708, connection=0x808e688, 
    packet=0x809fc40) at server_userauth.c:205
#2  0x80516d5 in handle_connection (w=0x808e688, packet=0x809fc40)
    at connection.c:131
#3  0x80529f9 in do_debug (w=0x809ef40, packet=0x809fc40) at debug.c:64
#4  0x806c03a in do_packet_inflate (closure=0x809f098, packet=0x809fc40)
    at compress.c:80
#5  0x8066757 in do_unpad (w=0x809f0c8, packet=0x809f960) at unpad.c:95
#6  0x805b33e in do_read_packet (h=0x808ed24, available=580, 
    data=0xbfffbcf4 "<##|h!o\032&n\223\032*<s*b/J2") at read_packet.c:348
#7  0x805618b in do_buffered_read (s=0x808ed10, fd=0x808e568) at io.c:386
#8  0x8055f78 in io_iter (b=0x8089810) at io.c:296
#9  0x805b725 in reaper_run (r=0x8089e18, b=0x8089810) at reaper.c:179
#10 0x804add2 in main (argc=3, argv=0xbffffc98) at lshd.c:729
(gdb) 

Thanks!


-- 
"It is easy to be blinded to the essential uselessness of computers by
the sense of accomplishment you get from getting them to work at all."
 - Douglas Adams

