Re: sshd problem
Andrew Thompson wrote: On Wed, 2002-12-11 at 05:52, Vasyl S. Smirnov wrote: Hi again. One more strange thing I've just discovered about sshd - two example ssh sessions: 1. ssh nostromo Password: correct password Connection closed by 10.100.76.33 (and the same sig 11/fatal messages on the console) 2. ssh nostromo Password: Enter Password: Enter Password: Enter [EMAIL PROTECTED]'s password: correct password [and SUCCESSFUL login] Now, what do you think about it? The first prompt is from s/key authentication, try putting ChallengeResponseAuthentication no (i think..) in your sshd_config. I know ChallengeResponseAuthentication from a linux system. It askes for a Response instead for a password. If you see the backtrace, you'll see that it couldn't be in direct sshd - it's an error either in pam or sshd gives wrong parameters. Jens -- L i W W W i Jens Rehsack LW W W L i W W W W i nnnLiWing IT-Services L iW W W Wi n n g g i W W i n n g gFriesenstraße 2 06112 Halle g g g Tel.: +49 - 3 45 - 5 17 05 91ggg e-Mail: [EMAIL PROTECTED] Fax: +49 - 3 45 - 5 17 05 92http://www.liwing.de/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem - solved (?)
Hi, I suppose I've found the reason for such a strange sshd behaviour - the problem is I was using login classes in my master.passwd. Man for master.passwd says that login classes aren't implemented yet - strange, in 4-STABLE they seem to be working fine. Can someone explain this? (or give some URL). But still one strange thing remains - when I removed completly the login classes from master.passwd and rebuilt both [s]pwd.db and login.conf.db, it gave no result, only restoring /etc from backup did help. Anyway, thanks for everyone who helped me. sv -- [LPML-2001] [KPI-PMA] [FreeBSD] [NIN] * GPG fingerprint: 7175 B841 C13D 9FE6 BDE0 C5E3 1652 7026 0A30 1CED Mail me with subject GPG-GETKEY to get my public key. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem - solved (?)
On Wed, Dec 11, 2002 at 03:34:57PM +0200, Vasyl S. Smirnov wrote: Hi, I suppose I've found the reason for such a strange sshd behaviour - the problem is I was using login classes in my master.passwd. Man for master.passwd says that login classes aren't implemented yet - strange, in 4-STABLE they seem to be working fine. Can someone explain this? (or give some URL). Although not strictly related to your sshd problem, I would like to say that login classes are implemented, only not all of the knobs that the manpage describes used to work at the time the page was written. (I do not know how about now) The warning is there because some of the knobs are used to restrict users' resource usage, and it was not advisable for admins to rely on these for functionality. I do not know, maybe the situation has changed since, somebody should try. But other aspects of login classes work Just Fine(TM): for example I use them to give my users a Hungarian-locale environment independent of the shell they use. This has been in use for months (if not years) and has always worked (also through ssh). This must be something else. -- Regards: Szilveszter ADAM Szombathely Hungary To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
Hi again. One more strange thing I've just discovered about sshd - two example ssh sessions: 1. ssh nostromo Password: correct password Connection closed by 10.100.76.33 (and the same sig 11/fatal messages on the console) 2. ssh nostromo Password: Enter Password: Enter Password: Enter [EMAIL PROTECTED]'s password: correct password [and SUCCESSFUL login] Now, what do you think about it? sv -- [LPML-2001] [KPI-PMA] [FreeBSD] [NIN] * GPG fingerprint: 7175 B841 C13D 9FE6 BDE0 C5E3 1652 7026 0A30 1CED Mail me with subject GPG-GETKEY to get my public key. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
Vasyl S. Smirnov wrote: On Mon, Dec 09, 2002 at 12:59:44PM -0800, Kris Kennaway wrote: On Mon, Dec 09, 2002 at 05:49:31PM +0100, Jens Rehsack wrote: Can you check the core dump for backtrace and send that? sysctl kern.sugid_coredump=1 sysctl kern.corefile=/tmp/%N.core (or somewhere else writable by an unprivileged user) Ok, I ran gdb sshd sshd.core, then the bt command, here is its output: (gdb) bt #0 0x282670ff in strcasecmp () from /usr/lib/libc.so.5 #1 0x284151f4 in login_access () from /usr/lib/pam_login_access.so.2 #2 0x284150e2 in login_access () from /usr/lib/pam_login_access.so.2 #3 0x28414ef6 in login_access () from /usr/lib/pam_login_access.so.2 #4 0x28414daf in login_access () from /usr/lib/pam_login_access.so.2 #5 0x28414aed in pam_sm_acct_mgmt () from /usr/lib/pam_login_access.so.2 #6 0x281d97dc in openpam_dispatch () from /usr/lib/libpam.so.2 #7 0x281d8d1e in pam_acct_mgmt () from /usr/lib/libpam.so.2 #8 0x08061e05 in tty_parse_modes () #9 0x08062012 in tty_parse_modes () #10 0x0805db3a in tty_parse_modes () #11 0x0805d23a in tty_parse_modes () #12 0x0805cf58 in tty_parse_modes () #13 0x0804e6bf in tty_parse_modes () #14 0x08050166 in tty_parse_modes () #15 0x0804db65 in tty_parse_modes () Is this enough? I'm a bit new to gdb, so I may be missing something. sv Can you please send the gzipped core dump to me? And could you please include a dmesg output. I'll see what it make on my systems. Jens To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
On Wed, 2002-12-11 at 05:52, Vasyl S. Smirnov wrote: Hi again. One more strange thing I've just discovered about sshd - two example ssh sessions: 1. ssh nostromo Password: correct password Connection closed by 10.100.76.33 (and the same sig 11/fatal messages on the console) 2. ssh nostromo Password: Enter Password: Enter Password: Enter [EMAIL PROTECTED]'s password: correct password [and SUCCESSFUL login] Now, what do you think about it? The first prompt is from s/key authentication, try putting ChallengeResponseAuthentication no (i think..) in your sshd_config. Andy To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
sshd problem
Hi, Recently I've discovered that I cannot ssh to my box. After looking at the console, I found the following messages: Dec 9 10:09:05 nostromo kernel: pid 63040 (sshd), uid 0: exited on signal 11 Dec 9 10:09:05 nostromo sshd[63038]: fatal: buffer_put_cstring: s == NULL It seems to be a bug in sshd. I havent changed the default configs, except for /etc/ssh/known_hosts. Is anybody getting the same problem? My `uname -a`: FreeBSD nostromo.astral.ntu-kpi.kiev.ua 5.0-RC FreeBSD 5.0-RC #1: Sat Dec 7 14:56:05 EET 2002 [EMAIL PROTECTED]: /usr/obj/usr/src/sys/NOSTROMO i386 sv -- [LPML-2001] [KPI-PMA] [FreeBSD] [NIN] * GPG fingerprint: 7175 B841 C13D 9FE6 BDE0 C5E3 1652 7026 0A30 1CED Mail me with subject GPG-GETKEY to get my public key. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
Vasyl S. Smirnov wrote: Hi, Recently I've discovered that I cannot ssh to my box. After looking at the console, I found the following messages: Dec 9 10:09:05 nostromo kernel: pid 63040 (sshd), uid 0: exited on signal 11 Dec 9 10:09:05 nostromo sshd[63038]: fatal: buffer_put_cstring: s == NULL It seems to be a bug in sshd. I havent changed the default configs, except for /etc/ssh/known_hosts. Is anybody getting the same problem? My `uname -a`: FreeBSD nostromo.astral.ntu-kpi.kiev.ua 5.0-RC FreeBSD 5.0-RC #1: Sat Dec 7 14:56:05 EET 2002 [EMAIL PROTECTED]: /usr/obj/usr/src/sys/NOSTROMO i386 sv Can you check the core dump for backtrace and send that? Jens -- L i W W W i Jens Rehsack LW W W L i W W W W i nnnLiWing IT-Services L iW W W Wi n n g g i W W i n n g gFriesenstra?e 2 06112 Halle g g g Tel.: +49 - 3 45 - 5 17 05 91ggg e-Mail: [EMAIL PROTECTED] Fax: +49 - 3 45 - 5 17 05 92http://www.liwing.de/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
On Mon, Dec 09, 2002 at 05:49:31PM +0100, Jens Rehsack wrote: Can you check the core dump for backtrace and send that? I doesn't generate a coredump. Any way to enforce it? I've just tried Protocol version 1, and everything was perfect. I'll try to figure out which part of sshd is generating the error. sv -- [LPML-2001] [KPI-PMA] [FreeBSD] [NIN] * GPG fingerprint: 7175 B841 C13D 9FE6 BDE0 C5E3 1652 7026 0A30 1CED Mail me with subject GPG-GETKEY to get my public key. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
On Mon, Dec 09, 2002 at 09:30:32PM +0200, Vasyl S. Smirnov wrote: On Mon, Dec 09, 2002 at 05:49:31PM +0100, Jens Rehsack wrote: Can you check the core dump for backtrace and send that? I doesn't generate a coredump. Any way to enforce it? sysctl kern.sugid_coredump=1 sysctl kern.corefile=/tmp/%N.core (or somewhere else writable by an unprivileged user) Kris msg48425/pgp0.pgp Description: PGP signature
Re: sshd problem
On Mon, Dec 09, 2002 at 11:11:28AM +0200, Vasyl S. Smirnov wrote: [...] Dec 9 10:09:05 nostromo kernel: pid 63040 (sshd), uid 0: exited on signal 11 Dec 9 10:09:05 nostromo sshd[63038]: fatal: buffer_put_cstring: s == NULL [...] Some info I didn't mention in the first post: The process of logging is goes fine until the correct password is supplied. I.e. I run ssh, get the Password: prompt; if I enter wrong password, the prompt appears again; after correct password it just drops: Connection closed by a.b.c.d sv -- [LPML-2001] [KPI-PMA] [FreeBSD] [NIN] * GPG fingerprint: 7175 B841 C13D 9FE6 BDE0 C5E3 1652 7026 0A30 1CED Mail me with subject GPG-GETKEY to get my public key. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
Re: sshd problem
On Mon, Dec 09, 2002 at 12:59:44PM -0800, Kris Kennaway wrote: On Mon, Dec 09, 2002 at 05:49:31PM +0100, Jens Rehsack wrote: Can you check the core dump for backtrace and send that? sysctl kern.sugid_coredump=1 sysctl kern.corefile=/tmp/%N.core (or somewhere else writable by an unprivileged user) Ok, I ran gdb sshd sshd.core, then the bt command, here is its output: (gdb) bt #0 0x282670ff in strcasecmp () from /usr/lib/libc.so.5 #1 0x284151f4 in login_access () from /usr/lib/pam_login_access.so.2 #2 0x284150e2 in login_access () from /usr/lib/pam_login_access.so.2 #3 0x28414ef6 in login_access () from /usr/lib/pam_login_access.so.2 #4 0x28414daf in login_access () from /usr/lib/pam_login_access.so.2 #5 0x28414aed in pam_sm_acct_mgmt () from /usr/lib/pam_login_access.so.2 #6 0x281d97dc in openpam_dispatch () from /usr/lib/libpam.so.2 #7 0x281d8d1e in pam_acct_mgmt () from /usr/lib/libpam.so.2 #8 0x08061e05 in tty_parse_modes () #9 0x08062012 in tty_parse_modes () #10 0x0805db3a in tty_parse_modes () #11 0x0805d23a in tty_parse_modes () #12 0x0805cf58 in tty_parse_modes () #13 0x0804e6bf in tty_parse_modes () #14 0x08050166 in tty_parse_modes () #15 0x0804db65 in tty_parse_modes () Is this enough? I'm a bit new to gdb, so I may be missing something. sv -- [LPML-2001] [KPI-PMA] [FreeBSD] [NIN] * GPG fingerprint: 7175 B841 C13D 9FE6 BDE0 C5E3 1652 7026 0A30 1CED Mail me with subject GPG-GETKEY to get my public key. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-current in the body of the message
