On 2019-07-15 at 10:33:26, Colin Watson wrote: > However, openssh should just fall back to not using seccomp sandboxing > in that case. It should make it easier to debug though! Perhaps you > could run sshd under strace and we might be able to see where it goes > wrong there? (Be careful with the strace output, as it will contain > secrets such as the private host key.)
I ran the following to get an strace from the point where I try to connect from the client: $ /usr/sbin/sshd $ pgrep sshd 7816 $ strace -p 7816 strace: Process 7816 attached _newselect(5, [3 4], NULL, NULL, NULL) = 1 (in [3]) accept(3, {sa_family=AF_INET, sin_port=htons(33142), sin_addr=inet_addr("192.168.1.5")}, [128->16]) = 5 fcntl64(5, F_GETFL) = 0x2 (flags O_RDWR) pipe([6, 7]) = 6 socketpair(AF_UNIX, SOCK_STREAM, 0, [8, 9]) = 0 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x765d2078) = 7821 close(7) = 0 write(8, "\0\0\1\v\0", 5) = 5 write(8, "\0\0\1\6\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"..., 266) = 266 close(8) = 0 close(9) = 0 close(5) = 0 time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) clock_gettime(CLOCK_BOOTTIME, {tv_sec=437223, tv_nsec=281923987}) = 0 time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) getpid() = 7816 clock_gettime(CLOCK_BOOTTIME, {tv_sec=437223, tv_nsec=283146422}) = 0 time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) clock_gettime(CLOCK_BOOTTIME, {tv_sec=437223, tv_nsec=284680271}) = 0 time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) time(NULL) = 1563216707 (2019-07-15T18:51:47+0000) _newselect(7, [3 4 6], NULL, NULL, NULL) = 1 (in [6]) --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=7821, si_uid=0, si_status=255, si_utime=23, si_stime=3} --- waitpid(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 255}], WNOHANG) = 7821 waitpid(-1, 0x7fac9920, WNOHANG) = -1 ECHILD (No child processes) sigreturn({mask=[]}) = 1 close(6) = 0 _newselect(7, [3 4], NULL, NULL, NULLstrace: Process 7816 detached <detached ...> Let me know if you need a full strace from the start of the sshd process. > > By the way, this machine is sadly not using a Debian kernel. It's using > > librecmc-ramips-mt7621-gb-pc1-squashfs-sysupgrade_2017-11-28.bin from > > https://github.com/gnubee-git/gnubee-git.github.io/blob/master/debian/. > > I hope that the source for this is available somewhere and that it isn't > just a GPL violation? I couldn't easily find the source. I wasn't able to find it either, I filed https://github.com/gnubee-git/gnubee-git.github.io/issues/4. Francois -- https://fmarier.org/