Bug#330844: marked as done (Problem encountered with openssh-server/pam on sid after dist-upgrading on Fri Sep 30 near 3:00:00 CEST)
Your message dated Fri, 30 Sep 2005 20:39:09 +0100
with message-id <20050930193909.GB26600@riva.ucam.org>
and subject line Bug#330844: Problem encountered with openssh-server/pam on sid after dist-upgrading on Fri Sep 30 near 3:00:00 CEST
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 30 Sep 2005 03:50:19 +0000
>From camille.prevost@home108.com Thu Sep 29 20:50:19 2005
Return-path: <camille.prevost@home108.com>
Received: from my.home108.com (smtp.home108.lan) [82.236.78.143]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1ELBuc-0006Xn-00; Thu, 29 Sep 2005 20:50:18 -0700
Received: from [10.105.108.2] (horizon.home108.lan [10.105.108.2])
by smtp.home108.lan (Postfix) with ESMTP id 062C9C2E3A2
for <submit@bugs.debian.org>; Fri, 30 Sep 2005 05:50:12 +0200 (CEST)
Message-ID: <[🔎] 433CB5E8.6060507@home108.com>
Date: Fri, 30 Sep 2005 05:50:00 +0200
From: Camille Prevost <camille.prevost@home108.com>
User-Agent: Debian Thunderbird 1.0.6 (X11/20050929)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: submit@bugs.debian.org
Subject: Problem encountered with openssh-server/pam on sid after dist-upgrading
on Fri Sep 30 near 3:00:00 CEST
References: <[🔎] 433CAEDA.4090809@home108.com>
In-Reply-To: <[🔎] 433CAEDA.4090809@home108.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
Package: openssh-server # or *pam* (?)
Version: 1:4.2p1-4
Login through the console is OK, ssh remote connections with the same
client through others servers on sid upgraded at the same time are OK
(!), and of course this error appears before and after a demoralised reboot
Thank you for attention, regards,
Camille Prevost
The Error Client-Side
>
> [cam@horizon] ~ #ssh -p 22002 cam@nadir
> Password:
> Read from remote host nadir: Connection reset by peer
> Connection to nadir closed.
>
>
>
> #######
> #After#
> #######
>
>
>
> [cam@horizon] ~ #ssh -vvv -p 22002 cam@nadir
> OpenSSH_4.2p1 Debian-4, OpenSSL 0.9.7g 11 Apr 2005
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to nadir [10.105.108.1] port 22002.
> debug1: Connection established.
> debug1: identity file /home/cam/.ssh/identity type -1
> debug1: identity file /home/cam/.ssh/id_rsa type -1
> debug1: identity file /home/cam/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2p1
> Debian-4
> debug1: match: OpenSSH_4.2p1 Debian-4 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_4.2p1 Debian-4
> debug2: fd 3 setting O_NONBLOCK
> debug3: Trying to reverse map address 10.105.108.1.
> debug1: Miscellaneous failure
> No credentials cache found
>
> debug1: Miscellaneous failure
> No credentials cache found
>
> debug1: Offering GSSAPI proposal: (null)
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
> debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib@openssh.com
> debug2: kex_parse_kexinit: none,zlib@openssh.com
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_init: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_init: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug2: dh_gen_key: priv key bits set: 132/256
> debug2: bits set: 492/1024
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: check_host_in_hostfile: filename /home/cam/.ssh/known_hosts
> debug3: check_host_in_hostfile: match line 1
> debug3: check_host_in_hostfile: filename /home/cam/.ssh/known_hosts
> debug3: check_host_in_hostfile: match line 2
> debug1: Host 'nadir' is known and matches the RSA host key.
> debug1: Found key in /home/cam/.ssh/known_hosts:1
> debug2: bits set: 494/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /home/cam/.ssh/identity ((nil))
> debug2: key: /home/cam/.ssh/id_rsa ((nil))
> debug2: key: /home/cam/.ssh/id_dsa ((nil))
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug3: start over, passed a different list publickey,keyboard-interactive
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/cam/.ssh/identity
> debug3: no such identity: /home/cam/.ssh/identity
> debug1: Trying private key: /home/cam/.ssh/id_rsa
> debug3: no such identity: /home/cam/.ssh/id_rsa
> debug1: Trying private key: /home/cam/.ssh/id_dsa
> debug3: no such identity: /home/cam/.ssh/id_dsa
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: Next authentication method: keyboard-interactive
> debug2: userauth_kbdint
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug2: input_userauth_info_req
> debug2: input_userauth_info_req: num_prompts 1
> Password:
> debug3: packet_send2: adding 32 (len 22 padlen 10 extra_pad 64)
> debug2: input_userauth_info_req
> debug2: input_userauth_info_req: num_prompts 0
> debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64)
> debug1: Authentication succeeded (keyboard-interactive).
> debug1: channel 0: new [client-session]
> debug3: ssh_session2_open: channel_new: 0
> debug2: channel 0: send open
> debug1: Entering interactive session.
> debug1: channel 0: free: client-session, nchannels 1
> debug3: channel 0: status: The following connections are open:
> #0 client-session (t3 r-1 i0/0 o0/0 fd 4/5 cfd -1)
>
> debug3: channel 0: close_fds r 4 w 5 e 6 c -1
> Read from remote host nadir: Connection reset by peer
> Connection to nadir closed.
> debug1: Transferred: stdin 0, stdout 0, stderr 84 bytes in 0.1 seconds
> debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 1260.8
> debug1: Exit status -1
>
>
>
The Error Server-Side
>
> tail /var/log/auth.log
>
> Sep 30 05:01:49 nadir sshd[6302]: Accepted keyboard-interactive/pam for cam from 10.105.108.2 port 45259 ssh2
> Sep 30 05:01:49 nadir sshd[6307]: (pam_unix) session opened for user cam by (uid=0)
> Sep 30 05:01:49 nadir sshd[6307]: fatal: PAM: pam_setcred(): Critical error - immediate abort
> Sep 30 05:01:49 nadir sshd[6307]: (pam_unix) session closed for user cam
---------------------------------------
Received: (at 330844-done) by bugs.debian.org; 30 Sep 2005 19:39:11 +0000
>From cjwatson@flatline.org.uk Fri Sep 30 12:39:11 2005
Return-path: <cjwatson@flatline.org.uk>
Received: from mail.metronet.co.uk [213.162.97.75]
by spohr.debian.org with esmtp (Exim 3.36 1 (Debian))
id 1ELQis-0004bu-00; Fri, 30 Sep 2005 12:39:10 -0700
Received: from riva.pelham.vpn.ucam.org (83-216-156-196.colinw664.adsl.metronet.co.uk [83.216.156.196])
by smtp.metronet.co.uk (MetroNet Mail) with ESMTP id 899E5422912
for <330844-done@bugs.debian.org>; Fri, 30 Sep 2005 20:38:54 +0100 (BST)
Received: from cjwatson by riva.pelham.vpn.ucam.org with local (Exim 3.36 #1 (Debian))
for 330844-done@bugs.debian.org
id 1ELQir-0000NK-00; Fri, 30 Sep 2005 20:39:09 +0100
Date: Fri, 30 Sep 2005 20:39:09 +0100
From: Colin Watson <cjwatson@debian.org>
To: 330844-done@bugs.debian.org
Subject: Re: Bug#330844: Problem encountered with openssh-server/pam on sid after dist-upgrading on Fri Sep 30 near 3:00:00 CEST
Message-ID: <20050930193909.GB26600@riva.ucam.org>
References: <[🔎] 433CAEDA.4090809@home108.com> <[🔎] 433CB5E8.6060507@home108.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <[🔎] 433CB5E8.6060507@home108.com>
User-Agent: Mutt/1.5.9i
Delivered-To: 330844-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Level:
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
On Fri, Sep 30, 2005 at 05:50:00AM +0200, Camille Prevost wrote:
> Package: openssh-server # or *pam* (?)
> Version: 1:4.2p1-4
>
> Login through the console is OK, ssh remote connections with the same
> client through others servers on sid upgraded at the same time are OK
> (!), and of course this error appears before and after a demoralised reboot
Closing this duplicate of #330843; since they're both from you, I don't
think we need to have both open.
Cheers,
--
Colin Watson [cjwatson@debian.org]
Reply to: