On 24/04/2018 15:06, Darren Tucker wrote:
On 24 April 2018 at 21:37, Michael Felt <michael@xxxxxxxxxxxxx> wrote:
[...]
Went through the following steps:
a) copy src and do in-tree build
b) run the command (without having rerun make checks - in case there are
hiddne dependancies!)
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]sh -x
/home/aixtools/openbsd/openssh-7.7p1/ssh-log-wrapper.sh -A -F
/home/aixtools/openbsd/openssh-7.7p1/ssh_proxy somehost ssh-add -l
+ exec ssh -E/home/aixtools/openbsd/openssh-7.7p1/ssh.log -A -F
/home/aixtools/openbsd/openssh-7.7p1/ssh_proxy somehost ssh-add -l
The debug log looks like you have no public keys. Those are created
by test-exec.sh which it looks like you didn't run?
I restarted by running make tests - after making the change you
suggested (below) to test_exec.sh
Results:
+ fail ssh-add -l via agent fwd failed (exit code 1)
ssh-add -l via agent fwd failed (exit code 1)
make: 1254-004 The error code from the last command is 1.
Stop.
make: 1254-004 The error code from the last command is 2.
Stop.
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]sh -x
/home/aixtools/openbsd/openssh-7.7p1/ssh-log-wrapper.sh -A -F
/home/aixtools/openbsd/openss>
+ exec ssh -E/home/aixtools/openbsd/openssh-7.7p1/ssh.log -A -F
/home/aixtools/openbsd/openssh-7.7p1/ssh_proxy somehost ssh-add -l
**** I noticed that the log file is appended, so I renamed it and just
ran the last step again. The log here is from the repeat run.
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]sh -x
/home/aixtools/openbsd/openssh-7.7p1/ssh-log-wrapper.sh -A -F
/home/aixtools/openbsd/openss>
+ exec ssh -E/home/aixtools/openbsd/openssh-7.7p1/ssh.log -A -F
/home/aixtools/openbsd/openssh-7.7p1/ssh_proxy somehost ssh-add -l
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]wc
/home/aixtools/openbsd/openssh-7.7p1/ssh.log*
124 672 8636 /home/aixtools/openbsd/openssh-7.7p1/ssh.log
497 2691 34562 /home/aixtools/openbsd/openssh-7.7p1/ssh.log.save
621 3363 43198 total
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]cat -n
/home/aixtools/openbsd/openssh-7.7p1/ssh.log
1 debug1: Executing proxy command: exec sh
./regress/sshd-log-wrapper.sh
/home/aixtools/openbsd/openssh-7.7p1/sshd.log ./sshd -i -f
/home/aixtools/openbsd/openssh-7.7p1/sshd_proxy
2 debug1: permanently_drop_suid: 0
3 debug1: permanently_set_uid: 0/0
4 debug1: key_load_public: No such file or directory
5 debug1: identity file /.ssh/id_rsa type -1
6 debug1: key_load_public: No such file or directory
7 debug1: identity file /.ssh/id_rsa-cert type -1
8 debug1: key_load_public: No such file or directory
9 debug1: identity file /.ssh/id_dsa type -1
10 debug1: key_load_public: No such file or directory
11 debug1: identity file /.ssh/id_dsa-cert type -1
12 debug1: key_load_public: No such file or directory
13 debug1: identity file /.ssh/id_ecdsa type -1
14 debug1: key_load_public: No such file or directory
15 debug1: identity file /.ssh/id_ecdsa-cert type -1
16 debug1: key_load_public: No such file or directory
17 debug1: identity file /.ssh/id_ed25519 type -1
18 debug1: key_load_public: No such file or directory
19 debug1: identity file /.ssh/id_ed25519-cert type -1
20 debug1: Local version string SSH-2.0-OpenSSH_7.6
21 debug1: Remote protocol version 2.0, remote software version
OpenSSH_7.7
22 debug1: match: OpenSSH_7.7 pat OpenSSH* compat 0x04000000
23 debug2: fd 6 setting O_NONBLOCK
24 debug2: fd 5 setting O_NONBLOCK
25 debug1: Authenticating to 127.0.0.1:4242 as 'root'
26 debug1: using hostkeyalias: localhost-with-alias
27 debug3: hostkeys_foreach: reading file
"/home/aixtools/openbsd/openssh-7.7p1/known_hosts"
28 debug3: record_hostkey: found key type RSA in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:1
29 debug3: record_hostkey: found key type ED25519 in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:2
30 debug3: load_hostkeys: loaded 2 keys from localhost-with-alias
31 debug3: hostkeys_foreach: reading file
"/home/aixtools/openbsd/openssh-7.7p1/known_hosts"
32 debug3: record_hostkey: found key type RSA in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:1
33 debug3: record_hostkey: found key type ED25519 in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:2
34 debug3: load_hostkeys: loaded 2 keys from localhost-with-alias
35 debug3: order_hostkeyalgs: prefer hostkeyalgs:
ssh-ed25519-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
36 debug3: send packet: type 20
37 debug1: SSH2_MSG_KEXINIT sent
38 debug3: receive packet: type 20
39 debug1: SSH2_MSG_KEXINIT received
40 debug2: local client KEXINIT proposal
41 debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
42 debug2: host key algorithms:
ssh-ed25519-cert-v01@xxxxxxxxxxx,ssh-rsa-cert-v01@xxxxxxxxxxx,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp384-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp521-cert-v01@xxxxxxxxxxx,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
43 debug2: ciphers ctos:
chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
44 debug2: ciphers stoc:
chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
45 debug2: MACs ctos:
umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
46 debug2: MACs stoc:
umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
47 debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib
48 debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib
49 debug2: languages ctos:
50 debug2: languages stoc:
51 debug2: first_kex_follows 0
52 debug2: reserved 0
53 debug2: peer server KEXINIT proposal
54 debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
55 debug2: host key algorithms:
ssh-rsa,rsa-sha2-512,rsa-sha2-256,ssh-ed25519
56 debug2: ciphers ctos:
chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
57 debug2: ciphers stoc:
chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx
58 debug2: MACs ctos:
umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
59 debug2: MACs stoc:
umac-64-etm@xxxxxxxxxxx,umac-128-etm@xxxxxxxxxxx,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx,hmac-sha1-etm@xxxxxxxxxxx,umac-64@xxxxxxxxxxx,umac-128@xxxxxxxxxxx,hmac-sha2-256,hmac-sha2-512,hmac-sha1
60 debug2: compression ctos: none,zlib@xxxxxxxxxxx
61 debug2: compression stoc: none,zlib@xxxxxxxxxxx
62 debug2: languages ctos:
63 debug2: languages stoc:
64 debug2: first_kex_follows 0
65 debug2: reserved 0
66 debug1: kex: algorithm: curve25519-sha256
67 debug1: kex: host key algorithm: ssh-ed25519
68 debug1: kex: server->client cipher:
chacha20-poly1305@xxxxxxxxxxx MAC: <implicit> compression: none
69 debug1: kex: client->server cipher:
chacha20-poly1305@xxxxxxxxxxx MAC: <implicit> compression: none
70 debug3: send packet: type 30
71 debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
72 debug3: receive packet: type 31
73 debug1: Server host key: ssh-ed25519
SHA256:JDc2VZ4VS0naDShfHgUk+QplGtusyITGK9d5filtQNA
74 debug1: using hostkeyalias: localhost-with-alias
75 debug3: hostkeys_foreach: reading file
"/home/aixtools/openbsd/openssh-7.7p1/known_hosts"
76 debug3: record_hostkey: found key type RSA in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:1
77 debug3: record_hostkey: found key type ED25519 in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:2
78 debug3: load_hostkeys: loaded 2 keys from localhost-with-alias
79 debug3: hostkeys_foreach: reading file
"/home/aixtools/openbsd/openssh-7.7p1/known_hosts"
80 debug3: record_hostkey: found key type RSA in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:1
81 debug3: record_hostkey: found key type ED25519 in file
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:2
82 debug3: load_hostkeys: loaded 2 keys from localhost-with-alias
83 debug1: Host 'localhost-with-alias' is known and matches the
ED25519 host key.
84 debug1: Found key in
/home/aixtools/openbsd/openssh-7.7p1/known_hosts:2
85 debug3: send packet: type 21
86 debug2: set_newkeys: mode 1
87 debug1: rekey after 134217728 blocks
88 debug1: SSH2_MSG_NEWKEYS sent
89 debug1: expecting SSH2_MSG_NEWKEYS
90 debug3: receive packet: type 21
91 debug1: SSH2_MSG_NEWKEYS received
92 debug2: set_newkeys: mode 0
93 debug1: rekey after 134217728 blocks
94 debug2: key: /.ssh/id_rsa (0)
95 debug2: key: /.ssh/id_dsa (0)
96 debug2: key: /.ssh/id_ecdsa (0)
97 debug2: key: /.ssh/id_ed25519 (0)
98 debug3: send packet: type 5
99 debug3: receive packet: type 7
100 debug1: SSH2_MSG_EXT_INFO received
101 debug1: kex_input_ext_info:
server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
102 debug3: receive packet: type 6
103 debug2: service_accept: ssh-userauth
104 debug1: SSH2_MSG_SERVICE_ACCEPT received
105 debug3: send packet: type 50
106 debug3: receive packet: type 51
107 debug1: Authentications that can continue:
publickey,password,keyboard-interactive
108 debug3: start over, passed a different list
publickey,password,keyboard-interactive
109 debug3: preferred publickey
110 debug3: authmethod_lookup publickey
111 debug3: remaining preferred:
112 debug3: authmethod_is_enabled publickey
113 debug1: Next authentication method: publickey
114 debug1: Trying private key: /.ssh/id_rsa
115 debug3: no such identity: /.ssh/id_rsa: No such file or directory
116 debug1: Trying private key: /.ssh/id_dsa
117 debug3: no such identity: /.ssh/id_dsa: No such file or directory
118 debug1: Trying private key: /.ssh/id_ecdsa
119 debug3: no such identity: /.ssh/id_ecdsa: No such file or directory
120 debug1: Trying private key: /.ssh/id_ed25519
121 debug3: no such identity: /.ssh/id_ed25519: No such file or
directory
122 debug2: we did not send a packet, disable method
123 debug1: No more authentication methods to try.
124 root@127.0.0.1: Permission denied
(publickey,password,keyboard-interactive).
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]ls -l
/home/aixtools/openbsd/openssh-7.7p1/sshd_proxy*
-rw-r--r-- 1 root system 460 Apr 24 11:18
/home/aixtools/openbsd/openssh-7.7p1/sshd_proxy
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]cat -n
/home/aixtools/openbsd/openssh-7.7p1/sshd_proxy
1 StrictModes no
2 Port 4242
3 AddressFamily inet
4 ListenAddress 127.0.0.1
5 #ListenAddress ::1
6 PidFile /home/aixtools/openbsd/openssh-7.7p1/pidfile
7 AuthorizedKeysFile
/home/aixtools/openbsd/openssh-7.7p1/authorized_keys_%u
8 LogLevel DEBUG3
9 AcceptEnv _XXX_TEST_*
10 AcceptEnv _XXX_TEST
11 Subsystem sftp /usr/libexec/openssh/sftp-server
12 StrictModes no
13 HostKey /home/aixtools/openbsd/openssh-7.7p1/rsa
14 HostKey /home/aixtools/openbsd/openssh-7.7p1/ed25519
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]find . -name \*.pub
./ed25519-agent-cert.pub
./ed25519-agent.pub
./ed25519.pub
./regress/dsa_ssh2.pub
./regress/ed25519-agent-cert.pub
./regress/ed25519-agent.pub
./regress/ed25519.pub
./regress/rsa-agent-cert.pub
./regress/rsa-agent.pub
./regress/rsa.pub
./regress/rsa_openssh.pub
./regress/t10.out.pub
./regress/t12.out.pub
./regress/t7.out.pub
./regress/t8.out.pub
./regress/t9.out.pub
./regress/unittests/hostkeys/testdata/dsa_1.pub
./regress/unittests/hostkeys/testdata/dsa_2.pub
./regress/unittests/hostkeys/testdata/dsa_3.pub
./regress/unittests/hostkeys/testdata/dsa_4.pub
./regress/unittests/hostkeys/testdata/dsa_5.pub
./regress/unittests/hostkeys/testdata/dsa_6.pub
./regress/unittests/hostkeys/testdata/ecdsa_1.pub
./regress/unittests/hostkeys/testdata/ecdsa_2.pub
./regress/unittests/hostkeys/testdata/ecdsa_3.pub
./regress/unittests/hostkeys/testdata/ecdsa_4.pub
./regress/unittests/hostkeys/testdata/ecdsa_5.pub
./regress/unittests/hostkeys/testdata/ecdsa_6.pub
./regress/unittests/hostkeys/testdata/ed25519_1.pub
./regress/unittests/hostkeys/testdata/ed25519_2.pub
./regress/unittests/hostkeys/testdata/ed25519_3.pub
./regress/unittests/hostkeys/testdata/ed25519_4.pub
./regress/unittests/hostkeys/testdata/ed25519_5.pub
./regress/unittests/hostkeys/testdata/ed25519_6.pub
./regress/unittests/hostkeys/testdata/rsa1_1.pub
./regress/unittests/hostkeys/testdata/rsa1_2.pub
./regress/unittests/hostkeys/testdata/rsa1_3.pub
./regress/unittests/hostkeys/testdata/rsa1_4.pub
./regress/unittests/hostkeys/testdata/rsa1_5.pub
./regress/unittests/hostkeys/testdata/rsa1_6.pub
./regress/unittests/hostkeys/testdata/rsa_1.pub
./regress/unittests/hostkeys/testdata/rsa_2.pub
./regress/unittests/hostkeys/testdata/rsa_3.pub
./regress/unittests/hostkeys/testdata/rsa_4.pub
./regress/unittests/hostkeys/testdata/rsa_5.pub
./regress/unittests/hostkeys/testdata/rsa_6.pub
./regress/unittests/sshkey/testdata/dsa_1-cert.pub
./regress/unittests/sshkey/testdata/dsa_1.param.pub
./regress/unittests/sshkey/testdata/dsa_1.pub
./regress/unittests/sshkey/testdata/dsa_2.pub
./regress/unittests/sshkey/testdata/ecdsa_1-cert.pub
./regress/unittests/sshkey/testdata/ecdsa_1.param.pub
./regress/unittests/sshkey/testdata/ecdsa_1.pub
./regress/unittests/sshkey/testdata/ecdsa_2.param.pub
./regress/unittests/sshkey/testdata/ecdsa_2.pub
./regress/unittests/sshkey/testdata/ed25519_1-cert.pub
./regress/unittests/sshkey/testdata/ed25519_1.pub
./regress/unittests/sshkey/testdata/ed25519_2.pub
./regress/unittests/sshkey/testdata/rsa1_1.pub
./regress/unittests/sshkey/testdata/rsa1_2.pub
./regress/unittests/sshkey/testdata/rsa_1-cert.pub
./regress/unittests/sshkey/testdata/rsa_1.pub
./regress/unittests/sshkey/testdata/rsa_2.pub
./regress/user_ca_key.pub
./rsa-agent-cert.pub
./rsa-agent.pub
./rsa.pub
./user_ca_key.pub
root@x066:[/home/aixtools/openbsd/openssh-7.7p1]cat authorized_keys_root
cert-authority,principals="estragon" ssh-ed25519
AAAAC3NzaC1lZDI1NTE5AAAAIIMGpu7gKKy23HIh/1P6+4gvqMnNjck5hAfm27jDJCKB
root@x066
.
If you want to fiddle with the scripts, I suggest editing test-exec.sh
to add a "set -x" and put "exit 1) into the fail() function. That'll
drop you back to a shell at the first failure without cleaning up, so
in most cases you can re-run the previous command as the environment
will still be set up correctly.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev