mysterious connection breakdown - resolved
Tino Schwarze
tino.schwarze at informatik.tu-chemnitz.de
Tue May 7 18:15:52 EST 2002
On Tue, May 07, 2002 at 10:22:44AM +1000, Damien Miller wrote:
> > I was able to get things working. I do not get "Corrupted check bytes on
> > input" any more. I'm not sure what the cause was though. First, I
> > installed OpenSSH 3.1p1. Then, I explicitly disabled anything not
> > needed: ssh -2 -4 -a -n -T -x $host $script
>
> Can you post a full debug trace "ssh -v -v -v host"? We can't really
> debug if we don't see the full error.
I tried to construct a test script and got all kinds of silly behaviour!
:-( Often, the remote sshd just hung. After killing it, I got mailed
some of the output of my script but not all. I could not get it to work
on the command line though - redirecting stdin, stdout and stderr did
not help. The error appears only when run from cron.
Here are two examples (including the script triggering the bug).
The first one produced a hanging sshd without any childs - I had to kill
it.
>----------------trace.sshbug.1--------------
From: root at agricola-gymnasium.de (Cron Daemon)
To: tisc at agricola-gymnasium.de
Subject: Cron <root at fserver> /root/bugtrace.ssh
X-Cron-Env: <MAILTO=tisc>
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=root>
Status: RO
Content-Length: 3594
Lines: 116
+++ 07.05,10:02 - we currently execute this script:
#!/bin/bash
#
# test des SSH-Bugs
function log_event ()
{
echo "+++ `date +%d.%m,%H:%M` - $*"
}
if [ "$1" = "remote" ] ; then
log_event " we're on the remote host."
# just some random messages to produce output
echo cleaning $MOVEDFILES
echo cp /dev/null "$MOVEDFILES"
echo cleaning $CHANGEDFILES
echo cp /dev/null "$CHANGEDFILES"
#echo set -x
#set -x
echo starting
sleep 5
log_event " remote script ended."
exit 0
fi
log_event " we currently execute this script:"
cat $0
log_event " copying script to remote host."
scp $0 www-intern:$0
log_event " running script on remote host"
ssh -v -v -v www-intern $0 remote
# it works this way:
#ssh -2 -4 -a -n -T -x www-intern $0 remote
log_event " done."
+++ 07.05,10:02 - copying script to remote host.
+++ 07.05,10:02 - running script on remote host
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to www-intern [10.1.2.1] port 22.
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/id_rsa type 0
debug3: Not a RSA1 key file /root/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'www-intern' is known and matches the RSA1 host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication with key '/root/.ssh/identity'
debug1: Received RSA challenge from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication accepted by server.
debug3: clear hostkey 0
debug3: clear hostkey 1
debug3: clear hostkey 2
debug1: Sending command: /root/bugtrace.ssh remote
debug1: Entering interactive session.
debug2: fd 0 is O_NONBLOCK
debug1: fd 1 setting O_NONBLOCK
debug2: fd 2 is O_NONBLOCK
+++ 07.05,10:02 - we're on the remote host.
cleaning
cp /dev/null
cleaning
cp /dev/null
starting
Disconnecting: Corrupted check bytes on input.
debug1: Calling cleanup 0x80645c0(0x0)
+++ 07.05,10:04 - done.
>----------------trace.sshbug.1--------------
If I uncomment the "set -x", then I get (and don't need to kill sshd).
>----------------trace.sshbug.2--------------
From: root at agricola-gymnasium.de (Cron Daemon)
To: tisc at agricola-gymnasium.de
Subject: Cron <root at fserver> /root/bugtrace.ssh
X-Cron-Env: <MAILTO=tisc>
X-Cron-Env: <SHELL=/bin/sh>
X-Cron-Env: <HOME=/root>
X-Cron-Env: <PATH=/usr/bin:/bin>
X-Cron-Env: <LOGNAME=root>
Status: RO
Content-Length: 3520
Lines: 112
+++ 07.05,10:09 - we currently execute this script:
#!/bin/bash
#
# test des SSH-Bugs
function log_event ()
{
echo "+++ `date +%d.%m,%H:%M` - $*"
}
if [ "$1" = "remote" ] ; then
log_event " we're on the remote host."
# just some random messages to produce output
#echo cleaning $MOVEDFILES
#echo cp /dev/null "$MOVEDFILES"
#echo cleaning $CHANGEDFILES
#echo cp /dev/null "$CHANGEDFILES"
#echo set -x
set -x
echo starting
sleep 5
log_event " remote script ended."
exit 0
fi
log_event " we currently execute this script:"
cat $0
log_event " copying script to remote host."
scp $0 www-intern:$0
log_event " running script on remote host"
ssh -v -v -v www-intern $0 remote
# it works this way:
#ssh -2 -4 -a -n -T -x www-intern $0 remote
log_event " done."
+++ 07.05,10:09 - copying script to remote host.
+++ 07.05,10:09 - running script on remote host
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to www-intern [10.1.2.1] port 22.
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/id_rsa type 0
debug3: Not a RSA1 key file /root/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'www-intern' is known and matches the RSA1 host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication with key '/root/.ssh/identity'
debug1: Received RSA challenge from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication accepted by server.
debug3: clear hostkey 0
debug3: clear hostkey 1
debug3: clear hostkey 2
debug1: Sending command: /root/bugtrace.ssh remote
debug1: Entering interactive session.
debug2: fd 0 is O_NONBLOCK
debug1: fd 1 setting O_NONBLOCK
debug2: fd 2 is O_NONBLOCK
+ echo starting
+ sleep 5
Disconnecting: Corrupted check bytes on input.
debug1: Calling cleanup 0x80645c0(0x0)
+++ 07.05,10:09 - done.
>----------------trace.sshbug.2--------------
--
* LINUX - Where do you want to be tomorrow? *
http://www.tu-chemnitz.de/linux/tag/
More information about the openssh-unix-dev
mailing list