OpenSSH-3.5p1: sshd fails at run-time
David M. Williams
d_wllms at lanl.gov
Thu Dec 12 12:30:47 EST 2002
This is an example fo the system info:
from config.log:
## ---------- ##
## Platform. ##
## ---------- ##
hostname = somebox.domain.domain
uname -m = Power Macintosh
uname -r = 6.2
uname -s = Darwin
uname -v = Darwin Kernel Version 6.2: Tue Nov 5 22:00:03 PST 2002;
root:xnu/xnu-344.12.2.obj~1/RELE
ASE_PPC
/usr/bin/uname -p = powerpc
/bin/uname -X = unknown
/bin/arch = unknown
/usr/bin/arch -k = unknown
/usr/convex/getsysinfo = unknown
hostinfo = Mach kernel version:
Darwin Kernel Version 6.2:
Tue Nov 5 22:00:03 PST 2002; root:xnu/xnu-344.12.2.obj~1/RELEASE_PPC
Jacob Schroeder wrote:
>Dave,
>
>Again, thanks for the quick reply!
>
>I made the changes you suggested, and I still get the same thing. Below is
>the same output and then I show the /etc/ssh/sshd_config file with
>#UsePrivilegeSeparation no and #Compression no.
>
>Is there some other place where this is getting called? What I mean is are
>there any other flags I should set/unset in the sshd_config file? Is there
>a build or make option where I can tell it not to use mmap?
>
>Regarding the build and system info from the config.log file... what exactly
>do you want me to include from that, because it is a rather big file. Let
>me know and I'll be glad to post it.
>
>Thanks,
>
>Jacob
>
>
>
>bash-2.02# sshd -ddd -p 1234
>debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper
>debug1: sshd version OpenSSH_3.5p1
>debug1: private host key: #0 type 0 RSA1
>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
>debug1: read PEM private key done: type RSA
>debug1: private host key: #1 type 1 RSA
>debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
>debug1: read PEM private key done: type DSA
>debug1: private host key: #2 type 2 DSA
>debug1: Bind to port 1234 on 0.0.0.0.
>Server listening on 0.0.0.0 port 1234.
>Generating 768 bit RSA key.
>RSA key generation complete.
>debug1: Server will not fork when running in debugging mode.
>Connection from 172.20.1.13 port 1196
>debug1: Client protocol version 2.0; client software version OpenSSH_3.5p1
>debug1: match: OpenSSH_3.5p1 pat OpenSSH*
>debug1: Enabling compatibility mode for protocol 2.0
>debug1: Local version string SSH-1.99-OpenSSH_3.5p1
>mmap(65536): Device doesn't exist
>debug1: Calling cleanup 0x1a78c(0x0)
>
>
>bash-2.02# cat /etc/ssh/sshd_config
># $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $
>
># This is the sshd server system-wide configuration file. See
># sshd_config(5) for more information.
>
># This sshd was compiled with
>PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
>
># The strategy used for options in the default sshd_config shipped with
># OpenSSH is to specify options with their default value where
># possible, but leave them commented. Uncommented options change a
># default value.
>
>#Port 22
>#Protocol 2,1
>#ListenAddress 0.0.0.0
>#ListenAddress ::
>
># HostKey for protocol version 1
>#HostKey /etc/ssh/ssh_host_key
># HostKeys for protocol version 2
>#HostKey /etc/ssh/ssh_host_rsa_key
>#HostKey /etc/ssh/ssh_host_dsa_key
>
># Lifetime and size of ephemeral version 1 server key
>#KeyRegenerationInterval 3600
>#ServerKeyBits 768
>
># Logging
>#obsoletes QuietMode and FascistLogging
>#SyslogFacility AUTH
>#LogLevel INFO
>
># Authentication:
>
>#LoginGraceTime 120
>#PermitRootLogin yes
>#StrictModes yes
>
>#RSAAuthentication yes
>#PubkeyAuthentication yes
>#AuthorizedKeysFile .ssh/authorized_keys
>
># rhosts authentication should not be used
>#RhostsAuthentication no
># Don't read the user's ~/.rhosts and ~/.shosts files
>#IgnoreRhosts yes
># For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
>#RhostsRSAAuthentication no
># similar for protocol version 2
>#HostbasedAuthentication no
># Change to yes if you don't trust ~/.ssh/known_hosts for
># RhostsRSAAuthentication and HostbasedAuthentication
>#IgnoreUserKnownHosts no
>
># To disable tunneled clear text passwords, change to no here!
>#PasswordAuthentication yes
>#PermitEmptyPasswords no
>
># Change to no to disable s/key passwords
>#ChallengeResponseAuthentication yes
>
># Kerberos options
>#KerberosAuthentication no
>#KerberosOrLocalPasswd yes
>#KerberosTicketCleanup yes
>
>#AFSTokenPassing no
>
># Kerberos TGT Passing only works with the AFS kaserver
>#KerberosTgtPassing no
>
># Set this to 'yes' to enable PAM keyboard-interactive authentication
># Warning: enabling this may bypass the setting of 'PasswordAuthentication'
>#PAMAuthenticationViaKbdInt no
>
>#X11Forwarding no
>#X11DisplayOffset 10
>#X11UseLocalhost yes
>#PrintMotd yes
>#PrintLastLog yes
>#KeepAlive yes
>#UseLogin no
>#UsePrivilegeSeparation no
>#PermitUserEnvironment no
>#Compression no
>
>#MaxStartups 10
># no default banner path
>#Banner /some/path
>#VerifyReverseMapping no
>
># override default of no subsystems
>Subsystem sftp /usr/local/libexec/sftp-server
>bash-2.02#
>
>
>
>
>
>
>
>>-----Original Message-----
>>From: David M. Williams [mailto:d_wllms at lanl.gov]
>>Sent: Wednesday, December 11, 2002 4:11 PM
>>To: Jacob Schroeder
>>Cc: 'openssh-unix-dev at mindrot.org'
>>Subject: Re: OpenSSH-3.5p1: sshd fails at run-time
>>
>>
>>turn off Compression and PrivSeperation in your sshd_config
>>file and try
>>again. From what the the threads in June mention it looks like your
>>flavor of LynxOS has a broken mmap.
>>
>>Can you send the build and system info from the config.log
>>file created
>>in your build directory? It will help to improve the configure tests
>>for mmap.
>>
>>Dave
>>
>>Jacob Schroeder wrote:
>>
>>
>>
>>>Dave,
>>>
>>>Thanks for your quick reply!
>>>
>>>I did do this build locally. The directory /var/empty is
>>>
>>>
>>there already.
>>
>>
>>>I created the /var/run directory just now and tried again,
>>>
>>>
>>here's the latest
>>
>>
>>>output...
>>>
>>>bash-2.02# mkdir /var/run
>>>bash-2.02# cd /usr/local/sbin
>>>bash-2.02# sshd -ddd -p 1234
>>>debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper
>>>debug1: sshd version OpenSSH_3.5p1
>>>debug1: private host key: #0 type 0 RSA1
>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
>>>debug1: read PEM private key done: type RSA
>>>debug1: private host key: #1 type 1 RSA
>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
>>>debug1: read PEM private key done: type DSA
>>>debug1: private host key: #2 type 2 DSA
>>>debug1: Bind to port 1234 on 0.0.0.0.
>>>Server listening on 0.0.0.0 port 1234.
>>>Generating 768 bit RSA key.
>>>RSA key generation complete.
>>>debug1: Server will not fork when running in debugging mode.
>>>Connection from 172.20.1.13 port 1186
>>>debug1: Client protocol version 2.0; client software version
>>>
>>>
>>OpenSSH_3.5p1
>>
>>
>>>debug1: match: OpenSSH_3.5p1 pat OpenSSH*
>>>debug1: Enabling compatibility mode for protocol 2.0
>>>debug1: Local version string SSH-1.99-OpenSSH_3.5p1
>>>mmap(65536): Device doesn't exist
>>>debug1: Calling cleanup 0x1a78c(0x0)
>>>bash-2.02#
>>>
>>>Looks like it's that mmap thing, I did see a few posts
>>>
>>>
>>(arguments) about
>>
>>
>>>that function in the archives, but I didn't see a solution
>>>
>>>
>>mentioned. Any
>>
>>
>>>ideas?
>>>
>>>Thanks
>>>
>>>Jacob
>>>
>>>
>>>
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>From: David M. Williams [mailto:d_wllms at lanl.gov]
>>>>Sent: Wednesday, December 11, 2002 3:51 PM
>>>>To: Jacob Schroeder
>>>>Cc: 'openssh-unix-dev at mindrot.org'
>>>>Subject: Re: OpenSSH-3.5p1: sshd fails at run-time
>>>>
>>>>
>>>>Jacob,
>>>> It looks like you didn't build this version of OpenSSH
>>>>locally. Did
>>>>you get it as a tarball? If so, you are missing a few
>>>>directories like
>>>>/var/run and I would expect /var/empty. Create the two directories,
>>>>/var/empty should be 0600, and try to start sshd again.
>>>>
>>>>Dave
>>>>
>>>>Jacob Schroeder wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>Here's what I get:
>>>>>
>>>>>bash-2.02# sshd -ddd -p 1234
>>>>>debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper
>>>>>debug1: sshd version OpenSSH_3.5p1
>>>>>debug1: private host key: #0 type 0 RSA1
>>>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
>>>>>debug1: read PEM private key done: type RSA
>>>>>debug1: private host key: #1 type 1 RSA
>>>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
>>>>>debug1: read PEM private key done: type DSA
>>>>>debug1: private host key: #2 type 2 DSA
>>>>>debug1: Bind to port 1234 on 0.0.0.0.
>>>>>Server listening on 0.0.0.0 port 1234.
>>>>>Generating 768 bit RSA key.
>>>>>RSA key generation complete.
>>>>>debug1: Server will not fork when running in debugging mode.
>>>>>Connection from 172.20.1.13 port 1181
>>>>>debug1: Client protocol version 2.0; client software version
>>>>>
>>>>>
>>>>>
>>>>>
>>>>OpenSSH_3.5p1
>>>>
>>>>
>>>>
>>>>
>>>>>debug1: match: OpenSSH_3.5p1 pat OpenSSH*
>>>>>debug1: Enabling compatibility mode for protocol 2.0
>>>>>debug1: Local version string SSH-1.99-OpenSSH_3.5p1
>>>>>mkstemp("/var/run/sshd.mm.XXXXXXXX"): File or directory
>>>>>
>>>>>
>>doesn't exist
>>
>>
>>>>>debug1: Calling cleanup 0x1a78c(0x0)
>>>>>bash-2.02#
>>>>>
>>>>>I have a few questions, first off, what is it that causes the
>>>>>
>>>>>
>>>>>
>>>>>
>>>>following line
>>>>
>>>>
>>>>
>>>>
>>>>>and is it serious?
>>>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
>>>>>
>>>>>also, what is this one about (where it ultimately fails):
>>>>>mkstemp("/var/run/sshd.mm.XXXXXXXX"): File or directory
>>>>>
>>>>>
>>doesn't exist
>>
>>
>>>>>I know that I don't have a /var/run directory on LynxOS, so
>>>>>
>>>>>
>>>>>
>>>>>
>>>>what can I do to
>>>>
>>>>
>>>>
>>>>
>>>>>fix this?
>>>>>
>>>>>Just so you know, I am using OpenSSH-3.5p1, with
>>>>>
>>>>>
>>>>>
>>>>>
>>>>OpenSSL-0.9.6h. My OS is
>>>>
>>>>
>>>>
>>>>
>>>>>LynxOS 3.1.0a. Thanks in advance, I have already learned a
>>>>>
>>>>>
>>>>>
>>>>>
>>>>lot about SSH
>>>>>from just lurking on the archives of this list for some time.
>>>>
>>>>
>>>>
>>>>
>>>>>Jacob
>>>>>_______________________________________________
>>>>>openssh-unix-dev at mindrot.org mailing list
>>>>>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>--
>>>>David M. Williams, CISSP Phone: 505-665-8062
>>>>Systems Engineer, CCN-2 Fax: 505-667-7428
>>>>Los Alamos National Laboratory Email: d_wllms at lanl.gov
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>--
>>David M. Williams, CISSP Phone: 505-665-8062
>>Systems Engineer, CCN-2 Fax: 505-667-7428
>>Los Alamos National Laboratory Email: d_wllms at lanl.gov
>>
>>
>>
>>
>>
>
>
>
>
--
David M. Williams, CISSP Phone: 505-665-8062
Systems Engineer, CCN-2 Fax: 505-667-7428
Los Alamos National Laboratory Email: d_wllms at lanl.gov
More information about the openssh-unix-dev
mailing list