OpenSSH-3.5p1: sshd fails at run-time

Ben Lindstrom mouring at etoh.eviladmin.org
Thu Dec 12 13:57:58 EST 2002 

You need to uncomment them for it to take affect.  The commented versions
shows what the defaults are.

- Ben

On Wed, 11 Dec 2002, Jacob Schroeder wrote:

> Dave,
>
> Again, thanks for the quick reply!
>
> I made the changes you suggested, and I still get the same thing.  Below is
> the same output and then I show the /etc/ssh/sshd_config file with
> #UsePrivilegeSeparation no and #Compression no.
>
> Is there some other place where this is getting called?  What I mean is are
> there any other flags I should set/unset in the sshd_config file?  Is there
> a build or make option where I can tell it not to use mmap?
>
> Regarding the build and system info from the config.log file... what exactly
> do you want me to include from that, because it is a rather big file.  Let
> me know and I'll be glad to post it.
>
> Thanks,
>
> Jacob
>
>
>
> bash-2.02# sshd -ddd -p 1234
> debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper
> debug1: sshd version OpenSSH_3.5p1
> debug1: private host key: #0 type 0 RSA1
> debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
> debug1: read PEM private key done: type RSA
> debug1: private host key: #1 type 1 RSA
> debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
> debug1: read PEM private key done: type DSA
> debug1: private host key: #2 type 2 DSA
> debug1: Bind to port 1234 on 0.0.0.0.
> Server listening on 0.0.0.0 port 1234.
> Generating 768 bit RSA key.
> RSA key generation complete.
> debug1: Server will not fork when running in debugging mode.
> Connection from 172.20.1.13 port 1196
> debug1: Client protocol version 2.0; client software version OpenSSH_3.5p1
> debug1: match: OpenSSH_3.5p1 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-1.99-OpenSSH_3.5p1
> mmap(65536): Device doesn't exist
> debug1: Calling cleanup 0x1a78c(0x0)
>
>
> bash-2.02# cat /etc/ssh/sshd_config
> #       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $
>
> # This is the sshd server system-wide configuration file.  See
> # sshd_config(5) for more information.
>
> # This sshd was compiled with
> PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
>
> # The strategy used for options in the default sshd_config shipped with
> # OpenSSH is to specify options with their default value where
> # possible, but leave them commented.  Uncommented options change a
> # default value.
>
> #Port 22
> #Protocol 2,1
> #ListenAddress 0.0.0.0
> #ListenAddress ::
>
> # HostKey for protocol version 1
> #HostKey /etc/ssh/ssh_host_key
> # HostKeys for protocol version 2
> #HostKey /etc/ssh/ssh_host_rsa_key
> #HostKey /etc/ssh/ssh_host_dsa_key
>
> # Lifetime and size of ephemeral version 1 server key
> #KeyRegenerationInterval 3600
> #ServerKeyBits 768
>
> # Logging
> #obsoletes QuietMode and FascistLogging
> #SyslogFacility AUTH
> #LogLevel INFO
>
> # Authentication:
>
> #LoginGraceTime 120
> #PermitRootLogin yes
> #StrictModes yes
>
> #RSAAuthentication yes
> #PubkeyAuthentication yes
> #AuthorizedKeysFile     .ssh/authorized_keys
>
> # rhosts authentication should not be used
> #RhostsAuthentication no
> # Don't read the user's ~/.rhosts and ~/.shosts files
> #IgnoreRhosts yes
> # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> #RhostsRSAAuthentication no
> # similar for protocol version 2
> #HostbasedAuthentication no
> # Change to yes if you don't trust ~/.ssh/known_hosts for
> # RhostsRSAAuthentication and HostbasedAuthentication
> #IgnoreUserKnownHosts no
>
> # To disable tunneled clear text passwords, change to no here!
> #PasswordAuthentication yes
> #PermitEmptyPasswords no
>
> # Change to no to disable s/key passwords
> #ChallengeResponseAuthentication yes
>
> # Kerberos options
> #KerberosAuthentication no
> #KerberosOrLocalPasswd yes
> #KerberosTicketCleanup yes
>
> #AFSTokenPassing no
>
> # Kerberos TGT Passing only works with the AFS kaserver
> #KerberosTgtPassing no
>
> # Set this to 'yes' to enable PAM keyboard-interactive authentication
> # Warning: enabling this may bypass the setting of 'PasswordAuthentication'
> #PAMAuthenticationViaKbdInt no
>
> #X11Forwarding no
> #X11DisplayOffset 10
> #X11UseLocalhost yes
> #PrintMotd yes
> #PrintLastLog yes
> #KeepAlive yes
> #UseLogin no
> #UsePrivilegeSeparation no
> #PermitUserEnvironment no
> #Compression no
>
> #MaxStartups 10
> # no default banner path
> #Banner /some/path
> #VerifyReverseMapping no
>
> # override default of no subsystems
> Subsystem       sftp    /usr/local/libexec/sftp-server
> bash-2.02#
>
>
>
>
>
> >-----Original Message-----
> >From: David M. Williams [mailto:d_wllms at lanl.gov]
> >Sent: Wednesday, December 11, 2002 4:11 PM
> >To: Jacob Schroeder
> >Cc: 'openssh-unix-dev at mindrot.org'
> >Subject: Re: OpenSSH-3.5p1: sshd fails at run-time
> >
> >
> >turn off Compression and PrivSeperation in your sshd_config
> >file and try
> >again.  From what the the threads in June mention it looks like your
> >flavor of LynxOS has a broken mmap.
> >
> >Can you send the build and system info from the config.log
> >file created
> >in your build directory?  It will help to improve the configure tests
> >for mmap.
> >
> >Dave
> >
> >Jacob Schroeder wrote:
> >
> >>Dave,
> >>
> >>Thanks for your quick reply!
> >>
> >>I did do this build locally.  The directory /var/empty is
> >there already.
> >>
> >>I created the /var/run directory just now and tried again,
> >here's the latest
> >>output...
> >>
> >>bash-2.02# mkdir /var/run
> >>bash-2.02# cd /usr/local/sbin
> >>bash-2.02# sshd -ddd -p 1234
> >>debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper
> >>debug1: sshd version OpenSSH_3.5p1
> >>debug1: private host key: #0 type 0 RSA1
> >>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
> >>debug1: read PEM private key done: type RSA
> >>debug1: private host key: #1 type 1 RSA
> >>debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
> >>debug1: read PEM private key done: type DSA
> >>debug1: private host key: #2 type 2 DSA
> >>debug1: Bind to port 1234 on 0.0.0.0.
> >>Server listening on 0.0.0.0 port 1234.
> >>Generating 768 bit RSA key.
> >>RSA key generation complete.
> >>debug1: Server will not fork when running in debugging mode.
> >>Connection from 172.20.1.13 port 1186
> >>debug1: Client protocol version 2.0; client software version
> >OpenSSH_3.5p1
> >>debug1: match: OpenSSH_3.5p1 pat OpenSSH*
> >>debug1: Enabling compatibility mode for protocol 2.0
> >>debug1: Local version string SSH-1.99-OpenSSH_3.5p1
> >>mmap(65536): Device doesn't exist
> >>debug1: Calling cleanup 0x1a78c(0x0)
> >>bash-2.02#
> >>
> >>Looks like it's that mmap thing, I did see a few posts
> >(arguments) about
> >>that function in the archives, but I didn't see a solution
> >mentioned.  Any
> >>ideas?
> >>
> >>Thanks
> >>
> >>Jacob
> >>
> >>
> >>
> >>
> >>>-----Original Message-----
> >>>From: David M. Williams [mailto:d_wllms at lanl.gov]
> >>>Sent: Wednesday, December 11, 2002 3:51 PM
> >>>To: Jacob Schroeder
> >>>Cc: 'openssh-unix-dev at mindrot.org'
> >>>Subject: Re: OpenSSH-3.5p1: sshd fails at run-time
> >>>
> >>>
> >>>Jacob,
> >>>   It looks like you didn't build this version of OpenSSH
> >>>locally.  Did
> >>>you get it as a tarball?  If so, you are missing a few
> >>>directories like
> >>>/var/run and I would expect /var/empty.  Create the two directories,
> >>>/var/empty should be 0600, and try to start sshd again.
> >>>
> >>>Dave
> >>>
> >>>Jacob Schroeder wrote:
> >>>
> >>>
> >>>
> >>>>Here's what I get:
> >>>>
> >>>>bash-2.02# sshd -ddd -p 1234
> >>>>debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper
> >>>>debug1: sshd version OpenSSH_3.5p1
> >>>>debug1: private host key: #0 type 0 RSA1
> >>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
> >>>>debug1: read PEM private key done: type RSA
> >>>>debug1: private host key: #1 type 1 RSA
> >>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
> >>>>debug1: read PEM private key done: type DSA
> >>>>debug1: private host key: #2 type 2 DSA
> >>>>debug1: Bind to port 1234 on 0.0.0.0.
> >>>>Server listening on 0.0.0.0 port 1234.
> >>>>Generating 768 bit RSA key.
> >>>>RSA key generation complete.
> >>>>debug1: Server will not fork when running in debugging mode.
> >>>>Connection from 172.20.1.13 port 1181
> >>>>debug1: Client protocol version 2.0; client software version
> >>>>
> >>>>
> >>>OpenSSH_3.5p1
> >>>
> >>>
> >>>>debug1: match: OpenSSH_3.5p1 pat OpenSSH*
> >>>>debug1: Enabling compatibility mode for protocol 2.0
> >>>>debug1: Local version string SSH-1.99-OpenSSH_3.5p1
> >>>>mkstemp("/var/run/sshd.mm.XXXXXXXX"): File or directory
> >doesn't exist
> >>>>debug1: Calling cleanup 0x1a78c(0x0)
> >>>>bash-2.02#
> >>>>
> >>>>I have a few questions, first off, what is it that causes the
> >>>>
> >>>>
> >>>following line
> >>>
> >>>
> >>>>and is it serious?
> >>>>debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
> >>>>
> >>>>also, what is this one about (where it ultimately fails):
> >>>>mkstemp("/var/run/sshd.mm.XXXXXXXX"): File or directory
> >doesn't exist
> >>>>I know that I don't have a /var/run directory on LynxOS, so
> >>>>
> >>>>
> >>>what can I do to
> >>>
> >>>
> >>>>fix this?
> >>>>
> >>>>Just so you know, I am using OpenSSH-3.5p1, with
> >>>>
> >>>>
> >>>OpenSSL-0.9.6h.  My OS is
> >>>
> >>>
> >>>>LynxOS 3.1.0a.  Thanks in advance, I have already learned a
> >>>>
> >>>>
> >>>lot about SSH
> >>>>from just lurking on the archives of this list for some time.
> >>>
> >>>
> >>>>Jacob
> >>>>_______________________________________________
> >>>>openssh-unix-dev at mindrot.org mailing list
> >>>>http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>--
> >>>David M. Williams, CISSP		Phone: 505-665-8062
> >>>Systems Engineer, CCN-2			Fax:   505-667-7428
> >>>Los Alamos National Laboratory		Email: d_wllms at lanl.gov
> >>>
> >>>
> >>>
> >>>
> >>>
> >>
> >>
> >>
> >>
> >
> >--
> >David M. Williams, CISSP		Phone: 505-665-8062
> >Systems Engineer, CCN-2			Fax:   505-667-7428
> >Los Alamos National Laboratory		Email: d_wllms at lanl.gov
> >
> >
> >
> _______________________________________________
> openssh-unix-dev at mindrot.org mailing list
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
>

More information about the openssh-unix-dev mailing list