hanging problems with sshd openssh 5.[12]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We have built the last few versions of openssh for Solaris using the following config.

 ./configure
 --prefix=/software/ssh-openssh-5.2
 --with-kerberos5=/software/krb5-1.6  --without-kerberos4
 --without-egd-pool  --without-prngd-port  --without-prngd-socket
 --disable-etc-default-login
 --with-entropy-timeout=200  --with-rand-helper
 --with-pam  --with-random=/dev/random

5.0 worked fine, but 5.1 and 5.2 sshd seems to hang when people do a paste of more than about 1k under vim. We've also had some problems with 5.1 and 5.2 with a few programs that start up a remote program and chat with them - we get both sides waiting for the other to respond.
They all work fine with rsh or ssh as long as sshd isn't 5.1 or later.

Has anyone seen something like this?

Sample ssh_config and sshd_config file attached.

Jeff Voskamp
javoskam@xxxxxxxxxxxx

---snip sshd_config ---
# we're not using ipV6, but solaris offers it anyway (in all cases)
AddressFamily INET
Port 22
Protocol 2
ListenAddress 0.0.0.0

IgnoreRhosts yes
RhostsRSAAuthentication no

IgnoreUserKnownHosts no

X11Forwarding yes
X11UseLocalhost yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes

Subsystem    sftp    /software/ssh/maintenance/sftp-server

# to be pulled from previous incarnations and stashed above
# these are the defaults in case they weren't previously mentioned.
UsePam yes
StrictModes yes
PermitRootLogin no

HostbasedAuthentication yes
PubkeyAuthentication yes
GSSAPIAuthentication yes

PasswordAuthentication yes
PermitEmptyPasswords no

ChallengeResponseAuthentication yes

UsePrivilegeSeparation yes

---snip ssh_config ---
# Site-wide defaults for various options

Host *
   Port 22
   Protocol 2

   RSAAuthentication no
   RhostsRSAAuthentication no
   ChallengeResponseAuthentication yes

   PasswordAuthentication yes
   HostBasedAuthentication yes
PreferredAuthentications hostbased,publickey,keyboard-interactive,password

   ForwardAgent no
   ForwardX11 yes
   ForwardX11Trusted yes

   UsePrivilegedPort no
   CheckHostIP yes
EnableSSHKeysign yes

[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux