openssh-6.5p1 on Solaris 10 - segmentation fault

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



I just installed 'openssh-6.5p1' on a Solaris 10 system, and when
attempting to 'ssh' anywhere as anybody from the 'root' account,
I get a segmentation fault.

Debug output as 'root':

kraken:/opt/local/src/security/openssh-6.5p1# ./ssh -vvv mimir
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: kex names ok: [diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug1: /etc/ssh/ssh_config line 57: Applying options for *
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 1
debug1: Connecting to mimir [XXX.XXX.XXX.XXX] port 22.
Segmentation fault

Debug as regular user:

kraken:~> /opt/local/src/security/openssh-6.5p1/ssh -vvv mimir
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: kex names ok: [diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug1: /etc/ssh/ssh_config line 57: Applying options for *
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to nemo [XXX.XXX.XXX.XXX] port 22.
debug1: Connection established.
debug1: could not open key file '/etc/ssh/ssh_host_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_dsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ecdsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_rsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ed25519_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_dsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ecdsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_rsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ed25519_key': Permission denied
debug1: identity file /home/mikep/.ssh/id_rsa type -1
debug1: identity file /home/mikep/.ssh/id_rsa-cert type -1
debug1: identity file /home/mikep/.ssh/id_dsa type -1
debug1: identity file /home/mikep/.ssh/id_dsa-cert type -1
debug1: identity file /home/mikep/.ssh/id_ecdsa type -1
debug1: identity file /home/mikep/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/mikep/.ssh/id_ed25519 type -1
debug1: identity file /home/mikep/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4
debug1: match: OpenSSH_6.4 pat OpenSSH* compat 0x04000000

'ssh' does appear to work as a regular user, but all the Cisco SSH connections hang again; haven't had time to investigate what combinations
of ciphers and key exchange methods work with the latest version, if any.
With the new version it hangs at:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

Version 6.4 shows:

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

Any ideas?

Thanks,
Mike
--
Mike Peterson                            Information Security Analyst - Audit
E-mail: mikep@xxxxxxxxxxxxxxx                WWW: http://www.noc.utoronto.ca/
Tel: 416-978-5230                                           Fax: 416-978-6620
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux