older versions of OpenSSH periodically kill the connection when multiple channels are opened

Darren Tucker dtucker at dtucker.net
Wed Oct 13 15:03:13 AEDT 2021 

On Wed, 13 Oct 2021 at 14:07, Terra Frost <terrafrost at gmail.com> wrote:
> Sometimes when I connect to older OpenSSH servers the server closes the
> connection. Doing "sudo /usr/sbin/sshd -ddd -p2222 &" gives me the
> following error:
>
> > debug1: Unable to open session: The name org.freedesktop.ConsoleKit was
> not provided by any .service files

Exactly which version are you seeing this with?  AFAICT no version of
OpenSSH shipped by the OpenSSH team contains that debug message.

> Here's the full error log that the OpenSSH server is providing:

This is not the full log, if it was the sshd version identifier would
be present.

[...]
> debug1: Allocating pty.
> debug3: mm_request_send entering: type 28

>From monitor.h this is MONITOR_REQ_PTY.

> debug3: mm_pty_allocate: waiting for MONITOR_ANS_PTY
> debug3: mm_request_receive_expect entering: type 29
> debug3: mm_request_receive entering

29 is indeed MONITOR_ANS_PTY

> debug1: Unable to open session: The name org.freedesktop.ConsoleKit was not
provided by any .service files

as mentioned above this message is not present in stock OpenSSH.

> debug3: mm_request_send entering: type 157

monitor.h does not define a type 157.  Debian's gssapi patch defines
up to 153 and its selinux patch defines 154 so this is something else
again.

> debug3: mm_request_receive entering
> debug3: monitor_read: checking request 28
> debug3: mm_answer_pty entering
> debug2: session_new: allocate (allocated 1 max 10)
> debug3: session_unused: session id 1 unused
> debug1: session_new: session 1
> debug3: mm_request_send entering: type 29
> debug3: mm_answer_pty: tty /dev/pts/3 ptyfd 9
> mm_request_receive_expect: read: rtype 157 != type 29

This looks to me like the monitor and the unprivileged process are
getting out of sync although it's not clear why.

> debug1: unregistering ConsoleKit session (null)

this is also not from the stock OpenSSH code.

> I haven't seen this issue on SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.8 or
> later versions but, none-the-less, this error is causing some unit tests to
> fail, intermittently.

That's a version that doesn't have the problem.  Which versions do
have the problem?

> Should I make it so that the client won't open up multiple channels on
> versions of OpenSSH older than 7.2?

That's up to you, but it looks like this problem is specific to a
vendor modified version.

-- 
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list