Bug#344295: openssh-server: sshd will not accept connect requests
Package: openssh-server
Version: 1:4.2p1-5
Severity: grave
Justification: renders package unusable
This all seems to have started since the last update I ran on or around the
19th of December 2005 which included a new 2.4.27 Kernel.
Some time ago, I needed to set an environment variable to fix what seemed to be a related problem. Nobody was able to connect via SSH to the server.
The fix seemed to relate to a double free of a memory chunk which caused
an updated glibc to abort the running program. So setting MALLOC_CHECK_=0
would magically force glibc to ignore the error and keep running. Maybe it's
not related at all but the behavior looks suspiciously famliar.
Some client side debugging:
----------------------------
$ ssh -v -v -v [host]
OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to [host] port 22.
debug1: Connection established.
debug1: identity file /home/meyerdg/.ssh/identity type -1
debug1: identity file /home/meyerdg/.ssh/id_rsa type -1
debug1: identity file /home/meyerdg/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_4.2p1 Debian-5
debug1: match: OpenSSH_4.2p1 Debian-5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer
---
Some server side debugging info:
----------------------------------
$ sudo /usr/sbin/sshd -d
debug1: sshd version OpenSSH_4.2p1 Debian-5
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
#COMMENT -- up to this is displayed before the connection attempt,
#COMMENT -- the rest is after a connect attempt is made.
socket: Address family not supported by protocol
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
debug1: inetd sockets after dupping: 3, 3
Connection from 10.55.42.15 port 38946
debug1: Client protocol version 2.0; client software version OpenSSH_4.2
debug1: match: OpenSSH_4.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2p1 Debian-5
debug1: permanently_set_uid: 104/65534
debug1: list_hostkey_types: ssh-rsa,ssh-dss
Segmentation fault
debug1: do_cleanup
debug1: PAM: cleanup
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-2-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages openssh-server depends on:
ii adduser 3.80 Add and remove users and groups
ii debconf [debconf-2.0] 1.4.62 Debian configuration management sy
ii dpkg 1.13.11.0.1 package maintenance system for Deb
ii libc6 2.3.5-8 GNU C Library: Shared libraries an
ii libcomerr2 1.38-2 common error description library
ii libkrb53 1.4.3-4 MIT Kerberos runtime libraries
ii libpam-modules 0.79-3 Pluggable Authentication Modules f
ii libpam-runtime 0.79-3 Runtime support for the PAM librar
ii libpam0g 0.79-3 Pluggable Authentication Modules l
ii libselinux1 1.26-1 SELinux shared libraries
ii libssl0.9.8 0.9.8a-3 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii openssh-client 1:4.2p1-5 Secure shell client, an rlogin/rsh
ii zlib1g 1:1.2.3-8 compression library - runtime
openssh-server recommends no packages.
-- debconf information:
ssh/insecure_rshd:
ssh/insecure_telnetd:
ssh/new_config: true
* ssh/use_old_init_script: true
ssh/encrypted_host_key_but_no_keygen:
* ssh/disable_cr_auth: false
Reply to: