


Another variant of "ssh" working interactively, but "ssh cmd" and "scp" failing

hello, world\n

I've read the SSH and OpenSSH FAQ (motd/.profile issue), googled left
and right and still could not find a solution to the problem. I've got
an embedded box named FOO running OpenSSH_3.7.1p1 on Linux 2.4 on
PowerPC, the shell is a busybox, but using bash does not change
anything. No PAM. This is the situation:

ssh root@FOO       -- works
ssh root@FOO ls    -- fails, no output, no matter what command is given
scp file root@FOO: -- fails, "lost connection"

Here's the debug output for the client and the server. I have also
appended the /etc/ssh/sshd_config. What am I doing wrong?

$ ssh -vvv root@FOO /bin/ls
OpenSSH_4.2p1 FreeBSD-20050903, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to FOO [172.28.58.13] port 22.
debug1: Connection established.
debug1: identity file /home/sje2bk/.ssh/identity type -1
debug1: identity file /home/sje2bk/.ssh/id_rsa type -1
debug3: Not a RSA1 key file /home/sje2bk/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/sje2bk/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.7.1p1
debug1: match: OpenSSH_3.7.1p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2p1 FreeBSD-20050903
debug2: fd 4 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 510/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/sje2bk/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 14
debug1: Host 'FOO' is known and matches the DSA host key.
debug1: Found key in /home/sje2bk/.ssh/known_hosts:14
debug2: bits set: 528/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/sje2bk/.ssh/id_dsa (0xa01a910)
debug2: key: /home/sje2bk/.ssh/identity (0x0)
debug2: key: /home/sje2bk/.ssh/id_rsa (0x0)
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug3: start over, passed a different list
publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/sje2bk/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Trying private key: /home/sje2bk/.ssh/identity
debug3: no such identity: /home/sje2bk/.ssh/identity
debug1: Trying private key: /home/sje2bk/.ssh/id_rsa
debug3: no such identity: /home/sje2bk/.ssh/id_rsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred:
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@FOO's password:
debug3: packet_send2: adding 64 (len 54 padlen 10 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: /bin/ls
debug2: channel 0: request exec confirm 0
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 131072
debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug2: channel 0: rcvd ext data 34
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: obuf_empty delayed efd 8/(34)
debug1: permanently_set_uid: 0/0
debug2: channel 0: written 34 to efd 8
debug3: channel 0: will not send data after close
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)

debug3: channel 0: close_fds r -1 w -1 e 8 c -1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status -1
$


Server log on embedded box:

[root@FOO:~]# /sbin/sshd -Dddd
debug3: RNG is ready, skipping seeding
debug2: read_server_config: filename //etc/sshd_config
debug1: sshd version OpenSSH_3.7.1p1
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file //etc/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file //etc/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 128.87.16.42 port 51306
debug1: Client protocol version 2.0; client software version
OpenSSH_4.2p1 FreeBSD-20050903
debug1: match: OpenSSH_4.2p1 FreeBSD-20050903 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.7.1p1
debug2: Network child is on pid 26736
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug3: privsep user:group 501:255
debug1: permanently_set_uid: 501/255
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss,ssh-rsa
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug3: mm_request_send entering: type 0
debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULI
debug3: mm_request_receive_expect entering: type 1
debug3: mm_request_receive entering
debug3: monitor_read: checking request 0
debug3: mm_answer_moduli: got parameters: 1024 1024 8192
debug3: mm_request_send entering: type 1
debug3: mm_choose_dh: remaining 0
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug2: dh_gen_key: priv key bits set: 123/256
debug2: bits set: 528/1024
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug2: bits set: 510/1024
debug2: monitor_read: 0 used once, disabling now
debug3: mm_request_receive entering
debug3: mm_key_sign entering
debug3: mm_request_send entering: type 4
debug3: mm_key_sign: waiting for MONITOR_ANS_SIGN
debug3: monitor_read: checking request 4
debug3: mm_answer_sign
debug3: mm_answer_sign: signature 0x10061fd0(55)
debug3: mm_request_receive_expect entering: type 5
debug3: mm_request_receive entering
debug3: mm_request_send entering: type 5
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: monitor_read: 4 used once, disabling now
debug3: mm_request_receive entering
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user root service ssh-connection method
none
debug1: attempt 0 failures 0
debug3: mm_getpwnamallow entering
debug3: mm_request_send entering: type 6
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM
debug3: mm_request_receive_expect entering: type 7
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_pwnamallow
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 7
debug2: input_userauth_request: setting up authctxt for root
debug3: mm_inform_authserv entering
debug3: mm_request_send entering: type 3
debug2: input_userauth_request: try method none
debug3: mm_auth_password entering
debug3: mm_request_send entering: type 10
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering
debug2: monitor_read: 6 used once, disabling now
debug3: mm_request_receive entering
debug3: monitor_read: checking request 3
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 3 used once, disabling now
debug3: mm_request_receive entering
debug3: monitor_read: checking request 10
debug3: mm_answer_authpassword: sending result 0
debug3: mm_request_send entering: type 11
debug3: mm_auth_password: user not authenticated
Failed none for root from 128.87.16.42 port 51306 ssh2
Failed none for root from 128.87.16.42 port 51306 ssh2
debug3: mm_request_receive entering
debug1: userauth-request for user root service ssh-connection method
publickey
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method publickey
debug1: test whether pkalg/pkblob are acceptable
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x10062130
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: trying public key file /root/.ssh/authorized_keys
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: trying public key file /root/.ssh/authorized_keys2
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: key 0x10062130 is disallowed
debug3: mm_request_send entering: type 21
debug2: userauth_pubkey: authenticated 0 pkalg ssh-dss
Failed publickey for root from 128.87.16.42 port 51306 ssh2
debug3: mm_request_receive entering
debug1: userauth-request for user root service ssh-connection method
keyboard-interactive
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=root devs=
debug1: kbdint_alloc: devices ''
debug2: auth2_challenge_start: devices
Failed keyboard-interactive for root from 128.87.16.42 port 51306 ssh2
debug1: userauth-request for user root service ssh-connection method
password
debug1: attempt 3 failures 3
debug2: input_userauth_request: try method password
debug3: mm_auth_password entering
debug3: mm_request_send entering: type 10
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering
debug3: monitor_read: checking request 10
debug3: mm_answer_authpassword: sending result 1
debug3: mm_request_send entering: type 11
debug3: mm_auth_password: user authenticated
Accepted password for root from 128.87.16.42 port 51306 ssh2
debug3: mm_send_keystate: Sending new keys: 0x10060ea8 0x10060d28
debug3: mm_newkeys_to_blob: converting 0x10060ea8
debug3: mm_newkeys_to_blob: converting 0x10060d28
debug3: mm_send_keystate: New keys have been sent
debug3: mm_send_keystate: Sending compression state
debug3: mm_request_send entering: type 24
debug3: mm_send_keystate: Finished sending state
Accepted password for root from 128.87.16.42 port 51306 ssh2
debug1: monitor_child_preauth: root has been authenticated by
privileged process
debug3: mm_get_keystate: Waiting for new keys
debug3: mm_request_receive_expect entering: type 24
debug3: mm_request_receive entering
debug3: mm_newkeys_from_blob: 0x10061e88(118)
debug2: mac_init: found hmac-md5
debug3: mm_get_keystate: Waiting for second key
debug3: mm_newkeys_from_blob: 0x10061e88(118)
debug2: mac_init: found hmac-md5
debug3: mm_get_keystate: Getting compression state
debug3: mm_get_keystate: Getting Network I/O buffers
debug3: mm_share_sync: Share sync
debug3: mm_share_sync: Share sync end
debug2: set_newkeys: mode 0
debug2: set_newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug2: fd 3 setting O_NONBLOCK
debug2: fd 7 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max
32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
debug1: server_input_channel_req: channel 0 request exec reply 0
debug1: session_by_channel: session 0 channel 0
debug1: session_input_channel_req: session 0 req exec
debug2: fd 9 setting O_NONBLOCK
debug2: fd 9 is O_NONBLOCK
debug2: fd 11 setting O_NONBLOCK
debug1: Received SIGCHLD.
debug1: session_by_pid: pid 26747
debug1: session_exit_message: session 0 channel 0 pid 26747
debug2: channel 0: request exit-signal
debug1: session_exit_message: release channel 0
debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: output open -> closed
debug1: session_close: session 0 pid 26747
debug2: channel 0: read<=0 rfd 9 len 0
debug2: channel 0: read failed
debug2: channel 0: close_read
debug2: channel 0: input open -> drain
debug2: channel 0: read 34 from efd 11
debug2: channel 0: ibuf_empty delayed efd 11/(34)
debug2: channel 0: rwin 131072 elen 34 euse 1
debug2: channel 0: sent ext data 34
debug2: notify_done: reading
debug2: channel 0: read 0 from efd 11
debug2: channel 0: closing read-efd 11
debug2: channel 0: ibuf empty
debug2: channel 0: send eof
debug2: channel 0: input drain -> closed
debug2: channel 0: send close
debug3: channel 0: will not send data after close
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: server-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 server-session (t4 r0 i3/0 o3/0 fd 9/9)

debug3: channel 0: close_fds r 9 w 9 e -1
Connection closed by 128.87.16.42
Closing connection to 128.87.16.42

$ cat /etc/ssh/sshd_config
#       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 120
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

#AFSTokenPassing no

# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no

# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdInt no

#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes

#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no

# override default of no subsystems
# Subsystem     sftp    /usr/libexec/sftp-server
------- EOF sshd_config -----

Regards,

    Jens
--
Jens Schweikhardt  http://www.schweikhardt.net/
SIGSIG -- signature too long (core dumped)





0
usenet8 (38)
2/28/2006 10:56:10 AM
comp.security.ssh

> 
> hello, world\n
> I've read the SSH and OpenSSH FAQ (motd/.profile issue), googled left
> and right and still could not find a solution to the problem. I've got
> an embedded box named FOO running OpenSSH_3.7.1p1 on Linux 2.4 on
> PowerPC, the shell is a busybox, but using bash does not change
> anything. No PAM. This is the situation:
> 
> ssh root@FOO       -- works
> ssh root@FOO ls    -- fails, no output, no matter what command is given
> scp file root@FOO: -- fails, "lost connection"

Are you sure you effectively tried it with bash?  This would be the most
logical explanation, since sshd uses "$SHELL -c ..." to execute remote
commands, and I find this:

syrinx:~% busybox -c /bin/ls
c: applet not found

--
  Richard Silverman
  res@qoxp.net


0
res49 (1410)
2/28/2006 2:17:04 PM
Richard E. Silverman wrote:
>Are you sure you effectively tried it with bash?  This would be the most
>logical explanation, since sshd uses "$SHELL -c ..." to execute remote
>commands

Thanks for your answer. Yes, I am sure:

[root@FOO:/bin]# ll /bin/sh
-rwxr-xr-x    1 root     root       621428 Feb 28 15:30 /bin/sh
[root@FOO:/bin]# unset $BASH_VERSION
[root@FOO:/bin]# /bin/sh -c 'echo $BASH_VERSION'
2.05b.0(1)-release


I also verified that logging in is totally silent (no motd, no output
from rc files) to confuse sshd.

Should I be worried about these server log messages?
debug2: channel 0: write failed
debug2: channel 0: close_write
debug2: channel 0: output open -> closed

The system's root file system is read-only, but /tmp and /var are
writable and with plenty of space.

Regards,

        Jens
--
Jens Schweikhardt  http://www.schweikhardt.net/
SIGSIG -- signature too long (core dumped)

0
usenet8 (38)
2/28/2006 3:57:25 PM
On 2006-02-28, Jens Schweikhardt <usenet@schweikhardt.net> wrote:
> Should I be worried about these server log messages?
> debug2: channel 0: write failed
> debug2: channel 0: close_write
> debug2: channel 0: output open -> closed
>
> The system's root file system is read-only, but /tmp and /var are
> writable and with plenty of space.

Maybe something in /dev?  Try strace'ing sshd and see what it's doing
when that happens.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
0
dtucker1 (251)
3/1/2006 8:59:23 AM
Darren Tucker wrote:
> On 2006-02-28, Jens Schweikhardt <usenet@schweikhardt.net> wrote:
> > Should I be worried about these server log messages?
> > debug2: channel 0: write failed
> > debug2: channel 0: close_write
> > debug2: channel 0: output open -> closed
> >
> > The system's root file system is read-only, but /tmp and /var are
> > writable and with plenty of space.
>
> Maybe something in /dev?  Try strace'ing sshd and see what it's doing
> when that happens.

Okay, here's the strace log (strace -f /sbin/sshd -d -d -d),
trimmed to the interesting part:

[...]
write(2, "debug1: session_by_channel: sess"..., 49debug1:
session_by_channel: session 0 channel 0
) = 49
write(2, "debug1: session_input_channel_re"..., 55debug1:
session_input_channel_req: session 0 req exec
) = 55
socketpair(PF_UNIX, SOCK_STREAM, 0, [8, 9]) = 0
socketpair(PF_UNIX, SOCK_STREAM, 0, [10, 11]) = 0
fork(Process 3522 attached (waiting for parent)
Process 3522 resumed (parent 3504 ready)
)                                  = 3522
[pid  3522] --- SIGSTOP (Stopped (signal)) @ 0 (0) ---
[pid  3522] setsid()                    = 3522
[pid  3522] close(9)                    = 0
[pid  3522] close(11)                   = 0
[pid  3522] dup2(8, 0)                  = 0
[pid  3522] dup2(8, 1)                  = 1
[pid  3522] dup2(10, 2)                 = 2
[pid  3522] getuid()                    = 0
[pid  3522] setgid(0)                   = 0
[pid  3522] open("/etc/group", O_RDONLY) = 9
[pid  3522] fcntl64(9, F_GETFD)         = 0
[pid  3522] fcntl64(9, F_SETFD, FD_CLOEXEC) = 0
[pid  3522] fstat64(9, {st_mode=S_IFREG|0644, st_size=247, ...}) = 0
[pid  3522] mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x30017000
[pid  3522] _llseek(9, 0, [0], SEEK_CUR) = 0
[pid  3522] read(9, "root:*:0:root,admin\nbin:*:1:root"..., 4096) = 247
[pid  3522] read(9, "", 4096)           = 0
[pid  3522] close(9)                    = 0
[pid  3522] munmap(0x30017000, 4096)    = 0
[pid  3522] setgroups(5, [0, 1, 2, 3, 6]) = 0
[pid  3522] getuid()                    = 0
[pid  3522] getgid()                    = 0
[pid  3522] write(2, "debug1: permanently_set_uid: 0/0"..., 34) = 34
[pid  3522] setresgid(0, 0, 0)          = 0
[pid  3522] setresuid(0, 0, 0)          = 0
[pid  3522] getgid()                    = 0
[pid  3522] getegid()                   = 0
[pid  3522] getuid()                    = 0
[pid  3522] geteuid()                   = 0
[pid  3522] getuid()                    = 0
[pid  3522] geteuid()                   = 0
[pid  3522] open("/etc/default/login", O_RDONLY|O_LARGEFILE) = -1
ENOENT (No such file or directory)
[pid  3522] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
Process 3522 detached
getsockname(4, {sa_family=AF_INET, sin_port=htons(22),
sin_addr=inet_addr("172.28.58.13")}, [16]) = 0
--- SIGCHLD (Child exited) @ 0 (0) ---
write(2, "debug1: Received SIGCHLD.\r\n", 27debug1: Received SIGCHLD.
) = 27
[...]

Obviously the child segfaults very early and thus the parent
gets a SIGCHLD and reaps the exit status. Can you tell
from this if the segfault happens in sshd code or is due to
something outside the responsibility of the sshd?

Regards,

        Jens
--
Jens Schweikhardt  http://www.schweikhardt.net/
SIGSIG -- signature too long (core dumped)

0
usenet8 (38)
3/1/2006 1:32:36 PM
I wrote:

> [pid  3522] open("/etc/default/login", O_RDONLY|O_LARGEFILE) = -1
> ENOENT (No such file or directory)
> [pid  3522] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> Process 3522 detached
> [...]

It turned out that the sshd version in openssh-3.7p1 has a NULL-pointer
dereference in session.c:child_get_env() when read_etc_default_login()
can not read the file and assign at least SUPATH and PATH. This appears
fixed in 3.9p1 where a test "if(tempenv == NULL) return;" was added.

The workaround for 3.7p1 of course is to create that file containing
these assignments.

Regards,
         Jens
--
Jens Schweikhardt  http://www.schweikhardt.net/
SIGSIG -- signature too long (core dumped)

0
usenet8 (38)
3/1/2006 4:57:34 PM
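
The failure described in the post above, reduced to a stand-alone C sketch (added here; it is not OpenSSH source and not part of the thread). `child_get_env` and `tempenv` borrow names from the post; `read_env_file`, `login_path_unchecked`, `login_path_checked`, `child_fate`, `make_sample` and both file paths are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_VARS 16

/* Read NAME=value lines; returns NULL when the file cannot be opened
 * (the missing /etc/default/login case from the post). */
static char **read_env_file(const char *path)
{
    static char store[MAX_VARS][256];
    static char *env[MAX_VARS + 1];
    size_t n = 0;
    FILE *f = fopen(path, "r");
    if (f == NULL)
        return NULL;
    while (n < MAX_VARS && fgets(store[n], sizeof(store[n]), f) != NULL) {
        store[n][strcspn(store[n], "\r\n")] = '\0';
        env[n] = store[n];
        if (store[n][0] != '#' && strchr(store[n], '=') != NULL)
            n++;                      /* keep only NAME=value lines */
    }
    env[n] = NULL;
    fclose(f);
    return env;
}

/* Lookup that trusts its caller: env is dereferenced unconditionally. */
static const char *child_get_env(char **env, const char *name)
{
    size_t len = strlen(name);
    for (size_t i = 0; env[i] != NULL; i++)
        if (strncmp(env[i], name, len) == 0 && env[i][len] == '=')
            return env[i] + len + 1;
    return NULL;
}

/* "Before": the result of the read goes straight into the lookup. */
int login_path_unchecked(const char *path)
{
    char **volatile tempenv = read_env_file(path); /* volatile: keep the load as written */
    return child_get_env(tempenv, "SUPATH") != NULL;
}

/* "After": the guard the post quotes from 3.9p1. */
int login_path_checked(const char *path)
{
    char **tempenv = read_env_file(path);
    if (tempenv == NULL)
        return 0;
    return child_get_env(tempenv, "SUPATH") != NULL;
}

/* Run fn(path) in a forked child, as sshd does for the session. Returns 0 for
 * a clean exit, the signal number if the child was killed, -1 otherwise. */
int child_fate(int (*fn)(const char *), const char *path)
{
    int status;
    pid_t pid = fork();
    if (pid == 0) {
        fn(path);
        _exit(0);
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0)
        return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}

/* The post's workaround: a file with SUPATH and PATH (constructed values). */
int make_sample(const char *path)
{
    FILE *f = fopen(path, "w");
    if (f == NULL)
        return -1;
    fputs("SUPATH=/usr/sbin:/usr/bin:/sbin:/bin\nPATH=/usr/bin:/bin\n", f);
    return fclose(f);
}

int main(void)
{
    const char *missing = "/nonexistent/etc/default/login"; /* constructed */
    const char *sample = "./default_login.sample";          /* constructed */
    printf("missing, unchecked: %d\n", child_fate(login_path_unchecked, missing));
    printf("missing, checked:   %d\n", child_fate(login_path_checked, missing));
    if (make_sample(sample) == 0)
        printf("present, unchecked: %d\n", child_fate(login_path_unchecked, sample));
    remove(sample);
    return 0;
}
```

A non-zero result from `child_fate` corresponds to what the parent sshd saw in the strace: the session child died before the requested command was ever run.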