
Re: [debian@onerussian.com: /usr/sbin/sshd: wrong DISPLAY is due to hijacking someone other's one...]



Hi Ben,

Thank you for the help. FWIW, I confirm that it indeed fixes an issue on
my box.

1.

Unfortunately, it probably implies that I was wrong in my estimate of the
connection of this issue to the original old #152250. It was reported
on 1:3.4p1-0.0woody1, which came out on 26 Jun 2002, whereas the patch
you've mentioned is from Oct 2002... Heh - now I need to go to snapshots
to verify if that line wasn't there in Debian's release.. I wish we had
CVS for all the projects ;-)

hm - got
459c1d0262e939d6432f193c7a4ba8a8  openssh_3.4p1.orig.tar.gz
and that one has already that condition in:
and Changelog states release of 20020626

so I don't get it... maybe there was some custom patch to
openssh_3.4p1.orig.tar.gz from Debian? (not in diff.gz?) which later on
was applied upstream in 1.183

so where am I wrong or am I right?

2.

OK - taking a sober look at the list of occupied ports, now I see why the
heck it happened in the first place here.

VNC occupied localhost:6013 but left ip6-localhost:6013 free. There was
one other VNC running on port 10 (so the one which could interfere with
sshd), BUT there was already one victim who ran ssh with forwarded X,
but probably never used any X app to discover that he can't ;-) :

,---
| sshd     4566   kuzey    8u  IPv6 121986047       TCP ip6-localhost:6010 (LISTEN)
| Xvnc4   11957    bart    0u  IPv4 110812220       TCP *:6010 (LISTEN)
`---

and the next VNC was on :13, so when a less salient user hit a bug,
she reported it to me, so I began investigating the issue.

Meanwhile I was running main sshd with -4, so all new connections occupy
only localhost:60XX, while old ones go for both {ip6-,}localhost:

,---
| sshd    27484     yoh    8u  IPv4 125284718       TCP localhost:6020 (LISTEN)
| sshd    27484     yoh    9u  IPv6 125284719       TCP ip6-localhost:6020 (LISTEN)
| sshd    21917 arielle    8u  IPv4 127502258       TCP localhost:6021 (LISTEN)
`---

Without the problem-causing break, sshd allowed to use IPv6 also occupies
both (reporting FWIW):

,---
| $> sudo lsof -i :6024
| COMMAND PID USER   FD   TYPE    DEVICE SIZE NODE NAME
| sshd    441  yoh    8u  IPv4 127627340       TCP localhost:6024 (LISTEN)
| sshd    441  yoh    9u  IPv6 127627341       TCP ip6-localhost:6024 (LISTEN)
`---


On Fri, 02 Mar 2007, Ben Hutchings wrote:

> On Thu, 2007-03-01 at 17:44 -0500, Yaroslav Halchenko wrote:
> <snip>
> > |                                 if (ai->ai_next)
> > |                                         continue;
> <snip>

> I believe these two lines are the source of the bug.  Here's the change
> that introduced it:
> http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/channels.c#rev1.183

> The commit message cites:
> http://mail-index.netbsd.org/current-users/2002/09/16/0005.html
> which says that binding to the wildcard IPv6 address fails if no
> interfaces have IPv6 addresses assigned.  I think that's a BSD kernel
> bug that we don't need to pander to (and has probably been fixed in the
> meantime).

> Ben.
-- 
Yaroslav Halchenko
Research Assistant, Psychology Department, Rutgers-Newark
Student  Ph.D. @ CS Dept. NJIT
Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171
        101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102
WWW:     http://www.linkedin.com/in/yarik        
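
An added example, not part of the original message and not OpenSSH code: a check over `lsof -i` output for the condition described above, where one X11 display port (6000+N) is held by different processes on IPv4 and IPv6. The sample lines are constructed from the listings in the message; the function names and the scan window `MAX_DISPLAY` are assumptions.

```python
import re
from collections import defaultdict

X11_BASE = 6000      # X display :N listens on TCP port 6000+N
MAX_DISPLAY = 99     # assumption: scan window, not a value taken from sshd

# Constructed sample, in the format of the lsof listings quoted in the message.
SAMPLE_LSOF = """\
COMMAND PID USER   FD   TYPE    DEVICE SIZE NODE NAME
sshd     4566   kuzey    8u  IPv6 121986047       TCP ip6-localhost:6010 (LISTEN)
Xvnc4   11957    bart    0u  IPv4 110812220       TCP *:6010 (LISTEN)
sshd    27484     yoh    8u  IPv4 125284718       TCP localhost:6020 (LISTEN)
sshd    27484     yoh    9u  IPv6 125284719       TCP ip6-localhost:6020 (LISTEN)
sshd    21917 arielle    8u  IPv4 127502258       TCP localhost:6021 (LISTEN)
"""

def parse_listeners(text):
    """Yield (port, family, command, pid, user) for listening X11-range sockets."""
    for line in text.splitlines():
        f = line.split()
        # SIZE may be empty for sockets, so a socket row has at least 9 fields.
        if len(f) < 9 or f[-1] != "(LISTEN)" or f[4] not in ("IPv4", "IPv6"):
            continue
        m = re.search(r":(\d+)$", f[-2])   # NAME column: host:port
        if m and X11_BASE <= int(m.group(1)) <= X11_BASE + MAX_DISPLAY:
            yield int(m.group(1)), f[4], f[0], int(f[1]), f[2]

def find_split_displays(text):
    """Map display number -> listeners, for displays whose port is shared by
    more than one process (e.g. sshd on IPv6 while another server has IPv4)."""
    by_port = defaultdict(list)
    for port, family, command, pid, user in parse_listeners(text):
        by_port[port].append((family, command, pid, user))
    return {
        port - X11_BASE: owners
        for port, owners in sorted(by_port.items())
        if len({pid for _, _, pid, _ in owners}) > 1
    }

if __name__ == "__main__":
    for display, owners in find_split_displays(SAMPLE_LSOF).items():
        print(f"display :{display} is split between processes:")
        for family, command, pid, user in owners:
            print(f"  {family} {command} pid={pid} user={user}")
```

On a live host, pass the output of `sudo lsof -i` (the command used in the message) instead of the sample.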


