I just installed 'openssh-6.5p1' on a Solaris 10 system, and when
attempting to 'ssh' anywhere as anybody from the 'root' account,
I get a segmentation fault.
Debug output as 'root':
kraken:/opt/local/src/security/openssh-6.5p1# ./ssh -vvv mimir
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: kex names ok: [diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug1: /etc/ssh/ssh_config line 57: Applying options for *
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 1
debug1: Connecting to mimir [XXX.XXX.XXX.XXX] port 22.
Segmentation fault
Debug as regular user:
kraken:~> /opt/local/src/security/openssh-6.5p1/ssh -vvv mimir
OpenSSH_6.5, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc]
debug3: kex names ok: [diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]
debug1: /etc/ssh/ssh_config line 57: Applying options for *
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to nemo [XXX.XXX.XXX.XXX] port 22.
debug1: Connection established.
debug1: could not open key file '/etc/ssh/ssh_host_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_dsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ecdsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_rsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ed25519_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_dsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ecdsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_rsa_key': Permission denied
debug1: could not open key file '/etc/ssh/ssh_host_ed25519_key': Permission denied
debug1: identity file /home/mikep/.ssh/id_rsa type -1
debug1: identity file /home/mikep/.ssh/id_rsa-cert type -1
debug1: identity file /home/mikep/.ssh/id_dsa type -1
debug1: identity file /home/mikep/.ssh/id_dsa-cert type -1
debug1: identity file /home/mikep/.ssh/id_ecdsa type -1
debug1: identity file /home/mikep/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/mikep/.ssh/id_ed25519 type -1
debug1: identity file /home/mikep/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.5
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.4
debug1: match: OpenSSH_6.4 pat OpenSSH* compat 0x04000000
'ssh' does appear to work as a regular user, but all the Cisco SSH
connections hang again; haven't had time to investigate what combinations
of ciphers and key exchange methods work with the latest version, if any.
With the new version it hangs at:
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
Version 6.4 shows:
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
Any ideas?
Thanks,
Mike
--
Mike Peterson Information Security Analyst - Audit
E-mail: mikep@xxxxxxxxxxxxxxx WWW: http://www.noc.utoronto.ca/
Tel: 416-978-5230 Fax: 416-978-6620
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev