Hi Roberto, Op Mon, Sep 17, 2018 at 01:53:59PM +0200 schreef Joost van Baal-Ilić: > Op Mon, Sep 17, 2018 at 07:50:00AM -0400 schreef Roberto C. Sánchez: > > On Mon, Sep 17, 2018 at 12:00:48PM +0200, Joost van Baal-Ilić wrote: > > > Op Mon, Sep 17, 2018 at 11:49:12AM +0200 schreef Микаел Бак: > > > > On 2018-09-17 10:58, Joost van Baal-Ilić wrote: > > > > > > > > > >After upgrading openssh on debian 7/wheezy from 6.0p1-4+deb7u7 to 6.0p1-4+deb7u8, > > > > >we see > > > > > > > > > > Sep 17 10:47:13 host sshd[124622]: Failed publickey for root from 1.2.3.4 port 39792 ssh2 > > > > > Sep 17 10:47:13 host sshd[124622]: fatal: xfree: NULL pointer given as argument [preauth] > > > > > > > > > >. Login fails: > > > > > > > > > > joostvb@home:~% ssh root@host > > > > > Authentication failed. > > > > > > > > > >. Downgrading back to 6.0p1-4+deb7u7 restores login functionality. > > > > > > > > > >Behaviour observed on 2 of our machines. Possibly more debug information > > > > >available; please ask. > > > > > > > > > > > > > I also get the same error on all my wheezy servers after updating the > > > > openssh-server package. All of them are LXC containers running on a Ubuntu > > > > 16.04 LTS host. Perhaps it has something to do with it. > > > > > > FWIW; here it is VMWare guests running a pretty regular Debian 7/wheezy. > > > > > > Thanks, Bye, > > > > > > Joost > > > > > > > I am the developer who prepard the problematic openssh update. > > > > I have been trying to reproduce this problem, but I cannot trigger the > > failure described. Prior to your two reports I had received a report > > via direct email from another user experiencing the same symptons. > > > > I tried a wheezy server running 1:6.0p1-4+deb7u7 and also > > 1:6.0p1-4+deb7u8 (I setup a fresh VM just for this test) against clients > > running wheezy (1:6.0p1-4+deb7u7 and 1:6.0p1-4+deb7u8) as well as a > > jessie client. Every single authentication attempt succeeded. > > > > Do you think you could provide some additional information to help me > > reproduce the problem? > > > > - architecture > > - sshd_config from server and ssh_config from client (and any > > ~/.ssh/config involved if that is a factor) > > - complete server-side log output of a failed login attempt (after > > setting the log level to debug or something else suitably verbose) > > - complete client-side console output of a failed login attempt run with > > the -vvv option to the ssh command > > - any other information that may identify unique aspects of your setup > > that might in any way be related to the failure > > > > If you prefer not share such via public list, please mail it to me > > directly. If you need to encrypt the email to me, my GPG key is > > available in the Debian keyring (ID 0x7731FCCC63E4E277). > > Collecting this information now. > > Will send privately. Oops: E: Version '1:6.0p1-4+deb7u8' for 'openssh-server' was not found (Thanks Markus Koschany for acting so quick!) Roberto: do you have that one available for me? I can no longer find it. Thanks, Bye, Joost -- ✉ Joost van Baal-Ilić <joostvb@uvt.nl> irc://irc.uvt.nl/joostvb http://abramowitz.uvt.nl/ kamer G 236 LIS Unix <lis-unix@uvt.nl> ☎ (013-466-)4683 https://go.uvt.nl/unix
Attachment:
signature.asc
Description: Digital signature