[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#506938: openssh-server: Can't connect to sshd on vserver since the latest update in lenny (only on vservers)

Package: openssh-server
Version: 1:5.1p1-3
Severity: grave
Justification: renders package unusable

Since the last update the ssh-server won't accept connection if it runs on a
vserver. The ssh-server on non vservers runs normal. The ListenAddress is set
correctly and everythings worked fine before the update. No other options in
the sshd_config have been touched.
Debug output follows:

---Debug output from auth.log---
Nov 25 11:39:25 web sshd[13098]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7
Nov 25 11:39:25 web sshd[13091]: debug1: Forked child 13098.
Nov 25 11:39:25 web sshd[13098]: error writing /proc/self/oom_adj: Permission denied
Nov 25 11:39:25 web sshd[13098]: debug1: inetd sockets after dupping: 3, 3
Nov 25 11:39:25 web sshd[13098]: Connection from 192.168.0.140 port 52076
Nov 25 11:39:25 web sshd[13098]: debug1: Client protocol version 2.0; client software version OpenSSH_5.1p1 Debian-3
Nov 25 11:39:25 web sshd[13098]: debug1: match: OpenSSH_5.1p1 Debian-3 pat OpenSSH*
Nov 25 11:39:25 web sshd[13098]: debug1: Enabling compatibility mode for protocol 2.0
Nov 25 11:39:25 web sshd[13098]: debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-3
Nov 25 11:39:25 web sshd[13099]: fatal: chroot("/var/run/sshd"): Operation not permitted
Nov 25 11:39:25 web sshd[13099]: debug1: do_cleanup
Nov 25 11:39:25 web sshd[13098]: debug1: do_cleanup
------End of debug output------

-- System Information:
Debian Release: lenny/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-vserver-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-server depends on:
ii  adduser               3.110              add and remove users and groups
ii  debconf [debconf-2.0] 1.5.24             Debian configuration management sy
ii  dpkg                  1.14.22            Debian package management system
ii  libc6                 2.7-16             GNU C Library: Shared libraries
ii  libcomerr2            1.41.3-1           common error description library
ii  libkrb53              1.6.dfsg.4~beta1-4 MIT Kerberos runtime libraries
ii  libpam-modules        1.0.1-4            Pluggable Authentication Modules f
ii  libpam-runtime        1.0.1-4            Runtime support for the PAM librar
ii  libpam0g              1.0.1-4            Pluggable Authentication Modules l
ii  libselinux1           2.0.65-5           SELinux shared libraries
ii  libssl0.9.8           0.9.8g-14          SSL shared libraries
ii  libwrap0              7.6.q-16           Wietse Venema's TCP wrappers libra
ii  lsb-base              3.2-20             Linux Standard Base 3.2 init scrip
ii  openssh-blacklist     0.4.1              list of default blacklisted OpenSS
ii  openssh-client        1:5.1p1-3          secure shell client, an rlogin/rsh
ii  zlib1g                1:1.2.3.3.dfsg-12  compression library - runtime

Versions of packages openssh-server recommends:
ii  openssh-blacklist-extra       0.4.1      list of non-default blacklisted Op
ii  xauth                         1:1.0.3-2  X authentication utility

Versions of packages openssh-server suggests:
pn  molly-guard                   <none>     (no description available)
pn  rssh                          <none>     (no description available)
pn  ssh-askpass                   <none>     (no description available)

-- debconf information:
  ssh/new_config: true
* ssh/use_old_init_script: true
  ssh/vulnerable_host_keys:
  ssh/disable_cr_auth: false
  ssh/encrypted_host_key_but_no_keygen:
Reply to: