OpenSSH bug: server debug output sent to client

Martin Kraemer Martin.Kraemer at Fujitsu-Siemens.com
Thu Apr 29 20:28:39 EST 2004 

Hello SSH developers,

When using the sshd '-d' switch, then the following problem occurs
when a connecting client uses the ssh1 protocol: part of the server's
debug output is not printed to (the server's) stderr, but delivered
to the client (to the client's stderr). Verified with the FreeBSD
version of sshd, and with sshd-3.7.1p2

--snip--server:
# /usr/sbin/sshd -ddd
debug1: sshd version OpenSSH_3.5p1 FreeBSD-20030924
...
debug1: Server will not fork when running in debugging mode.
debug1: res_init()
Connection from 127.0.0.1 port 2959
debug1: Client protocol version 1.5; client software version OpenSSH_3.5p1 FreeBSD-20030924
...
Found matching RSA1 key: 6e:b3:aa:3c:0a:8e:74:f3:de:da:f2:0c:39:d6:f0:19
Accepted rsa for martin from 127.0.0.1 port 2959
...
debug1: session_new: init
debug1: session_new: session 0
debug1: Installing crc compensation attack detector.
debug1: Exec command 'id'
debug1: PAM: setting PAM_TTY to "(null)"
debug1: PAM: establishing credentials
debug1: Entering interactive session.
debug1: fd 8 setting O_NONBLOCK
debug2: fd 8 is O_NONBLOCK
debug1: fd 10 setting O_NONBLOCK
debug1: Received SIGCHLD.
debug1: fd 4 setting O_NONBLOCK
debug1: fd 9 setting O_NONBLOCK
debug1: server_init_dispatch_13
debug1: server_init_dispatch_15
debug1: End of interactive session; stdin 0, stdout (read 147, sent 147), stderr 649 bytes.
...
--snip--

--snip--client:
$ ssh -1 localhost id
debug3: Copy environment: PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin:/home/martin/bin
debug3: Copy environment: MAIL=/var/mail/martin
debug3: Copy environment: BLOCKSIZE=K
debug3: Copy environment: FTP_PASSIVE_MODE=YES
debug1: PAM: retrieving environment
Environment:
  USER=martin
  LOGNAME=martin
  HOME=/home/martin
  MAIL=/var/mail/martin
  PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin:/home/martin/bin
  TERM=su
  BLOCKSIZE=K
  FTP_PASSIVE_MODE=YES
  SHELL=/bin/tcsh
  SSH_CLIENT=127.0.0.1 2959 22
  SSH_CONNECTION=127.0.0.1 2959 127.0.0.1 22
uid=2800(martin) gid=1001(kraemer) groups=1001(kraemer), 0(wheel), 5(operator), 68(dialer), 1005(com5), 2000(cvs), 3000(machines), 3001(domainadm)
--snip--

The expected output would have been just the "uid=2800..." line

   Martin
-- 
<Martin.Kraemer at Fujitsu-Siemens.com>         |     Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730  Munich,  Germany

More information about the openssh-unix-dev mailing list