Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-05 Thread Colin Watson 
On Sat, Oct 05, 2019 at 08:21:09PM +0100, Adam D. Barratt wrote:
> On Sat, 2019-10-05 at 12:16 -0400, James Cloos wrote:
> > Using ed25519 keys (host and client) should work around this issue.
> 
> FWIW according to #941665, this should also only affect users running
> buster on kernels < 3.19.

Thanks for the clue.  I'll cherry-pick this into unstable now, and I've
also filed a stable update request.

-- 
Colin Watson   [cjwat...@debian.org]

Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-05 Thread Adam D. Barratt 
On Sat, 2019-10-05 at 12:16 -0400, James Cloos wrote:
> Using ed25519 keys (host and client) should work around this issue.

FWIW according to #941665, this should also only affect users running
buster on kernels < 3.19.

Regards,

Adam

Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-05 Thread Jeroen Franssen 
Just tried that and same error... 



-Original Message-
From: James Cloos  
Sent: zaterdag 5 oktober 2019 18:17
To: 941...@bugs.debian.org
Subject: Bug#941663: openssh-server: fatal: privsep_preauth: preauth child
terminated by signal 31

Using ed25519 keys (host and client) should work around this issue.

-JimC
-- 
James Cloos  OpenPGP: 0x997A9F17ED7DAEA6

-- 
To unsubscribe, send mail to 941663-unsubscr...@bugs.debian.org.

Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-05 Thread James Cloos 
Using ed25519 keys (host and client) should work around this issue.

-JimC
-- 
James Cloos  OpenPGP: 0x997A9F17ED7DAEA6

Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-05 Thread Jeroen Franssen 
Also affected. 

On Fri, 4 Oct 2019 14:46:17 -0700 Mike Laiosa  wrote: 
> This affects me too.  The only solution I've found is to downgrade 
> openssl. 
> 
> Mike 
> 
>

Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-04 Thread Mike Laiosa 
This affects me too.  The only solution I've found is to downgrade
openssl.

Mike

Bug#941663: openssh-server: fatal: privsep_preauth: preauth child terminated by signal 31

2019-10-03 Thread Legato, John (NIH/NHLBI) [E] 
Package: openssh-server
Version: 1:7,9p1-10

We recently installed the latest openssl 
patches(https://www.debian.org/security/2019/dsa-4540 
https://www.debian.org/security/2019/dsa-4539 ) on  a machine running Debian 
10.1, since the upgrade, ssh connections are immediately dropped (below is an 
excerpt of auth.log with sshd LogLevel set to Debug)

Oct  3 08:50:24 debian sshd[8048]: debug1: Forked child 11290.
Oct  3 08:50:24 debian sshd[11290]: debug1: Set /proc/self/oom_score_adj to 0
Oct  3 08:50:24 debian sshd[11290]: debug1: rexec start in 6 out 6 newsock 6 
pipe 8 sock 9
Oct  3 08:50:24 debian sshd[11290]: debug1: inetd sockets after dupping: 5, 5
Oct  3 08:50:24 debian sshd[11290]: Connection from 192.168.1.2 port 58940 on 
165.112.184.218 port 22
Oct  3 08:50:24 debian sshd[11290]: debug1: Client protocol version 2.0; client 
software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
Oct  3 08:50:24 debian sshd[11290]: debug1: match: OpenSSH_7.6p1 
Ubuntu-4ubuntu0.3 pat 
OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7*
 compat 0x0402
Oct  3 08:50:24 debian sshd[11290]: debug1: Local version string 
SSH-2.0-OpenSSH_7.9p1 Debian-10
Oct  3 08:50:24 debian sshd[11290]: debug1: permanently_set_uid: 102/65534 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: list_hostkey_types: 
rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: SSH2_MSG_KEXINIT received [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: kex: algorithm: curve25519-sha256 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: kex: host key algorithm: 
ecdsa-sha2-nistp256 [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: kex: client->server cipher: 
chacha20-poly1...@openssh.com MAC:  compression: none [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: kex: server->client cipher: 
chacha20-poly1...@openssh.com MAC:  compression: none [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: rekey after 134217728 blocks 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: rekey after 134217728 blocks 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: KEX done [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: userauth-request for user user 
service ssh-connection method none [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: attempt 0 failures 0 [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: PAM: initializing for "user"
Oct  3 08:50:24 debian sshd[11290]: debug1: PAM: setting PAM_RHOST to 
"192.168.1.2"
Oct  3 08:50:24 debian sshd[11290]: debug1: PAM: setting PAM_TTY to "ssh"
Oct  3 08:50:24 debian sshd[11290]: debug1: userauth-request for user user 
service ssh-connection method publickey [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: attempt 1 failures 0 [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: userauth_pubkey: test pkalg 
rsa-sha2-512 pkblob RSA SHA256:4aUmJoZ6m0NnB1TB3RFIggMUaFbQe96aod3SohrLgfw 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: temporarily_use_uid: 1003/1003 
(e=0/0)
Oct  3 08:50:24 debian sshd[11290]: debug1: trying public key file 
/home/user/.ssh/authorized_keys
Oct  3 08:50:24 debian sshd[11290]: debug1: Could not open authorized keys 
'/home/user/.ssh/authorized_keys': No such file or directory
Oct  3 08:50:24 debian sshd[11290]: debug1: restore_uid: 0/0
Oct  3 08:50:24 debian sshd[11290]: Failed publickey for user from 192.168.1.2 
port 58940 ssh2: RSA SHA256:L+JSUX+UtQA5J0GjsdbG1Su6Z9YgXb6EJA0KZ+AJuos
Oct  3 08:50:24 debian sshd[11290]: debug1: userauth-request for user user 
service ssh-connection method publickey [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: attempt 3 failures 2 [preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: userauth_pubkey: test pkalg 
rsa-sha2-512 pkblob RSA SHA256:EdnXT/x3fRm1jl7Dpz2DWz8TUYphqEB71IuQtSkk/X0 
[preauth]
Oct  3 08:50:24 debian sshd[11290]: debug1: temporarily_use_uid: 1003/1003 
(e=0/0)
Oct  3 08:50:24 debian sshd[11290]: debug1: trying public key file 
/home/user/.ssh/authorized_keys
Oct  3 08:50:24 debian sshd[11290]: debug1: Could not open authorized keys 
'/home/user/.ssh/authorized_keys': No such file or directory
Oct  3 08:50:24 debian sshd[11290]: debug1: restore_uid: 0/0
Oct  3 08:50:24 debian sshd[11290]: debug1: temporarily_use_uid: 1003/1003 
(e=0/0)
Oct  3 08:50:24 debian sshd[11290]: debug1: trying public key file 
/home/user/.ssh/authorized_keys2
Oct  3 08:50:24 debian sshd[11290]: debug1: Could not open authorized keys 
'/home/user/.ssh/authorized_keys2': No such file or directory