scp hangs
Gregory Wright
gregw at packetstorm.com
Fri Jul 26 07:45:38 EST 2002
Hello,
When running scp (from openssh-3.4p1) on our linux systems we are
experiencing hangs after authentication. According to the debug
messages, authentication succeeds but the file itself is not
transferred. Openssh is built using OpenSSL 0.9.6d.
The command
scp foo 192.168.1.111:/tmp
will hang until the connection times out.
Below are the client and server side logs. An strace of the client and
server sides (using -f to follow the child process) shows that both are
stuck in select() with NULL timeout. So they will both wait forever
until they receive some input.
Using ssh to log in interactively works fine.
The problem is shown below using password authentication, but it also
happens using RSA authentication.
We have a system with identical hardware and the same ssh installation
(Openssh-3.4p1 + OpenSSL 0.9.6d) that does shows the problem only
sporadically. On the system that generated the logs below, scp always
fails.
The one peculiarity of our system is that /var is on a separate
partition which is reformatted on boot. A skeleton /var filesystem is
copied into the new /var. This is because these systems are designed for
unattended kiosks, where the only service intervention is to cycle the
power. I have no idea if this is relevant or not, but it is a
peculiarity.
Our linux kernel is 2.4.17 and the glibc is 2.2.5. The system is built
from a Linux from Scratch "distribution".
I would appreciate knowing if anyone has seen something like this before
and how it might be worked around.
Thanks!
Best Wishes,
Greg Wright
The portion of the client strace log that shows the trouble is below. (I
can provide the rest if it helps.)
[pid 1438] close(4) = 0
[pid 1438] dup(0) = 4
[pid 1438] dup(1) = 5
[pid 1438] dup(2) = 6
[pid 1438] ioctl(4, TCGETS, 0xbffff604) = -1 EINVAL (Invalid argument)
[pid 1438] fcntl(4, F_GETFL) = 0 (flags O_RDONLY)
[pid 1438] fcntl(4, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
[pid 1438] ioctl(5, TCGETS, 0xbffff604) = -1 EINVAL (Invalid argument)
[pid 1438] fcntl(5, F_GETFL) = 0x1 (flags O_WRONLY)
[pid 1438] fcntl(5, F_SETFL, O_WRONLY|O_NONBLOCK) = 0
[pid 1438] ioctl(6, TCGETS, {B38400 opost isig icanon echo ...}) = 0
[pid 1438] gettimeofday({1027615805, 895450}, NULL) = 0
[pid 1438] rt_sigaction(SIGINT, {0x80538a4, [], SA_RESTART|0x4000000},
{SIG_DFL}, 8) = 0
[pid 1438] rt_sigaction(SIGQUIT, {0x80538a4, [], SA_RESTART|0x4000000},
{SIG_DFL}, 8) = 0
[pid 1438] rt_sigaction(SIGTERM, {0x80538a4, [], SA_RESTART|0x4000000},
{SIG_DFL}, 8) = 0
[pid 1438] select(7, [3], [3], NULL, NULL) = 1 (out [3])
[pid 1438] write(3,
"\234\231\277\177\16\315\317\207m\306\3522F\203<\275w\326"..., 64) = 64
[pid 1438] select(7, [3], [], NULL, NULL) = 1 (in [3])
[pid 1438] read(3,
"\353\246&.\207\10\276\333K\203\325\267N\207\247\266\212"..., 8192) = 48
[pid 1438] getsockname(3, {sin_family=AF_INET, sin_port=htons(2019),
sin_addr=inet_addr("192.168.1.5")}}, [16]) = 0
[pid 1438] setsockopt(3, SOL_IP, IP_TOS, [8], 4) = 0
[pid 1438] select(7, [3], [3], NULL, NULL) = 1 (out [3])
[pid 1438] write(3,
"\v{fu\371\332O\370\376O\6)\226\362\303\32I\216\32Z\t\303"..., 64) = 64
[pid 1438] select(7, [3], [], NULL, NULL
...and there it stops.
The client side log:
h> scp -v foo 192.168.1.111:/tmp
Executing: program /usr/bin/ssh host 192.168.1.111, user (unspecified),
command scp -v -t /tmp
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090604f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.111 [192.168.1.111] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 116/256
debug1: bits set: 1561/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.168.1.111' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:41
debug1: bits set: 1556/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: userauth_pubkey_agent: testing agent key /root/.ssh/id_rsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: userauth_pubkey_agent: testing agent key /root/.ssh/id_dsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: try pubkey: /root/.ssh/id_rsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: try pubkey: /root/.ssh/id_dsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is password
root at 192.168.1.111's password:
debug1: ssh-userauth2 successful: method password
debug1: fd 4 setting O_NONBLOCK
debug1: fd 5 setting O_NONBLOCK
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: ssh_session2_setup: id 0
debug1: Sending command: scp -v -t /tmp
debug1: channel request 0: exec
debug1: channel 0: open confirm rwindow 0 rmax 32768
The server side log:
debug1: sshd version OpenSSH_3.4p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.1.5 port 1743
debug1: Client protocol version 2.0; client software version
OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_3.4p1
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 121/256
debug1: bits set: 1598/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1618/3191
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user root service ssh-connection method
none
debug1: attempt 0 failures 0
Failed none for root from 192.168.1.5 port 1743 ssh2
Failed none for root from 192.168.1.5 port 1743 ssh2
debug1: userauth-request for user root service ssh-connection method
publickey
debug1: attempt 1 failures 1
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys2
debug1: restore_uid
Failed publickey for root from 192.168.1.5 port 1743 ssh2
debug1: userauth-request for user root service ssh-connection method
publickey
debug1: attempt 2 failures 2
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys2
debug1: restore_uid
Failed publickey for root from 192.168.1.5 port 1743 ssh2
debug1: userauth-request for user root service ssh-connection method
publickey
debug1: attempt 3 failures 3
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys2
debug1: restore_uid
Failed publickey for root from 192.168.1.5 port 1743 ssh2
debug1: userauth-request for user root service ssh-connection method
publickey
debug1: attempt 4 failures 4
debug1: test whether pkalg/pkblob are acceptable
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: trying public key file /root/.ssh/authorized_keys2
debug1: restore_uid
Failed publickey for root from 192.168.1.5 port 1743 ssh2
debug1: userauth-request for user root service ssh-connection method
keyboard-interactive
debug1: attempt 5 failures 5
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=root devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for root from 192.168.1.5 port 1743 ssh2
debug1: userauth-request for user root service ssh-connection method
password
debug1: attempt 6 failures 6
Accepted password for root from 192.168.1.5 port 1743 ssh2
debug1: monitor_child_preauth: root has been authenticated by privileged
processAccepted password for root from 192.168.1.5 port 1743 ssh2
debug1: newkeys: mode 0
debug1: newkeys: mode 1
debug1: Entering interactive session for SSH2.
debug1: fd 3 setting O_NONBLOCK
debug1: fd 7 setting O_NONBLOCK
debug1: server_init_dispatch_20
debug1: server_input_channel_open: ctype session rchan 0 win 131072 max
32768
debug1: input_session_request
debug1: channel 0: new [server-session]
debug1: session_new: init
debug1: session_new: session 0
debug1: session_open: channel 0
debug1: session_open: session 0: link with channel 0
debug1: server_input_channel_open: confirm session
Read error from remote host: Connection timed out
debug1: Calling cleanup 0x8060534(0x0)
debug1: channel_free: channel 0: server-session, nchannels 1
debug1: Calling cleanup 0x806c570(0x0)
--
Gregory Wright
Chief Technical Officer
PacketStorm Communications, Inc.
20 Meridian Road
Eatontown, New Jersey 07724
1 732 544-2434 ext. 206
1 732 544-2437 [fax]
gwright at packetstorm.com
--
Gregory Wright
Chief Technical Officer
PacketStorm Communications, Inc.
20 Meridian Road
Eatontown, New Jersey 07724
1 732 544-2434 ext. 206
1 732 544-2437 [fax]
gwright at packetstorm.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20020725/38526f0f/attachment.html
More information about the openssh-unix-dev
mailing list