No timeout is set. Living connections also die (I was scp'ing large logfiles through local interface when the strace and debug output was captured).
Can glibc upgrade cause problems like this? I have restarted sshd several times after the recompilations, but not the server itself. It is in a datacenter and I would definitely not bother with restarting when it is not necessary... I have noticed that statically linked sshd in a chroot'-ed environment worked well on the same machine, but statically link the main sshd executable is not a valid choice for me. yours, adam On 8/3/07, Njoku, George O. <[EMAIL PROTECTED]> wrote: > You got a SIGKILL and connection was lost. > Try checking if ssh_config on both machines got a connection or idle timeout > set. > > > Cheers > George > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adam Lantos > Sent: Thursday, August 02, 2007 9:48 AM > To: [email protected] > Subject: OpenSSH_4.5p1 on GNU/Linux: connection unexpectedly closed > > Hi, > > I have a serious problem with OpenSSH. I use it on kernel 2.6.18 with > grsecurity patch enabled, i686 (Gentoo GNU/Linux, Hardened profile) > > gcc-3.4.6 > glibc-2.5-r4 > binutils-2.16.1-r3 > libtool-1.5.22 > zlib-1.2.3-r1 > openssl-0.9.8d > openssh-4.5_p1-r1 > > When I transfer about 20Mbytes of data through ssh the connection dies > (even on localhost). > I suspect on glibc's nptl. I've tried with linuxthreads support and > still no success :( of course, all glibc update was followed by > toolchain recompilation and zlib-openssl-openssh recompilation. Guys > on gentoo-hardened mailing list couldn't help me out. > > The same issue raises with compression enabled/disabled, tcpkeepalive > enabled/disabled, clientinterval enabled/disabled and firewall > enabled/disabled. > > Do you have any clue on what is happening here? > > debug and strace outputs are attached to the end of my post > > > yours, > Adam > > > > debug output gave me this on server (scp localhost - localhost): > > ... > > debug2: mac_init: found hmac-sha1 > debug1: kex: server->client blowfish-cbc hmac-sha1 none > debug2: mac_init: found hmac-sha1 > debug1: kex: client->server blowfish-cbc hmac-sha1 none > > ... > > debug2: channel 0: rcvd adjust 4096 > debug2: channel 0: rcvd adjust 4096 > debug1: do_cleanup > debug1: PAM: cleanup > debug3: PAM: sshpam_thread_cleanup entering > > > > strace -fFv output gave me this on server: > > ... > > [pid 17725] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0 > [pid 17725] read(3, > "V\17\33s\256d\321\37\307\363\342\250\2211\355x\345\205"..., 16384) = > 44 > [pid 17725] write(2, "debug2: channel 0: rcvd adjust 4"..., 37debug2: > channel 0: rcvd adjust 4096 > ) = 37 > [pid 7918] <... write resumed> ) = 48384 > [pid 17725] +++ killed by SIGKILL +++ > Process 17725 detached > [pid 7918] write(1, > "5\275\30185\30185\276\237p\270\256P\203\331\301p$p\230"..., 82688) = > -1 EPIPE (Broken pipe) > [pid 7918] --- SIGPIPE (Broken pipe) @ 0 (0) --- > Process 7918 detached > <... read resumed> 0x599ae18c, 4) = ? ERESTARTSYS (To be restarted) > --- SIGCHLD (Child exited) @ 0 (0) --- > > ... > > > Client says: > > Read from remote host localhost: Connection reset by peer > lost connection >
