RE: sshd does not die when client issues control-C or closes

From: Paul Myers (pmyers_at_spectracomcorp.com)
Date: 03/12/04

  • Next message: Wilson, Richard E: "RE: Automatic ssh connections"
    To: "'Paul Myers'" <pmyers@spectracomcorp.com>, <secureshell@securityfocus.com>
    Date: Fri, 12 Mar 2004 14:16:02 -0500
    
    

    I have been tesing OpenSSH sshd running under uClinux using Putty, Terraterm
    with ssh, and Redhat and found that whenever I close a connection with
    control-C my child shells die but the sshd -i daemon keeps running and holds
    a PTY. The sshd is launched from inetd as indicated is the default by
    uClinux makefiles.
    If I use the x to close the Putty tool both the sshd -i daemon and the child
    processes using 1 PTY keep running.
    Has anyone seen this and do you know if there might be a configuration
    issue? Also, I set my Client Keep alive parameters to issue 4 requests every
    15 seconds. But this does not shutdown the system either.
    My configuration is below. Is there something obvious about how sshd should
    terminate running under uClinux I don't know? Or have I broken something in
    linux?
    Thanks,
    Paul

    # Use defaults below.
    #Port 22
    #Protocol 2,1
    #ListenAddress 0.0.0.0
    #ListenAddress ::

    # uClinux settings
    ServerKeyBits 768
    LoginGraceTime 600
    KeyRegenerationInterval 3600

    # SSHD PID FILE
    PidFile /var/run/sshd.pid

    # Allow sshd to create an unprivileged child process to deal with
    # incoming network traffic. Used to prevent privilege escalation
    UsePrivilegeSeparation no

    # Choose to allow Password Authentication should Public Key Authentication
    # Fail or not be used
    PasswordAuthentication yes

    # Disable Root Login for security
    PermitRootLogin no

    # Control User access by listing allowed and denied Users
    # To add root you must enable PermitRootLogin above.
    AllowUsers admin config
    #DenyUsers root

    # Log Level - Default is INFO
    # Select from (QUIET, FATAL, ERROR, INFO, VERBOSE,
    # DEBUG/DEBUG1, DEBUG2, DEBUG3)
    LogLevel INFO

    # Maximum Number of Concurrent Connections
    # Or after 1 connection deny subsequent connections up to 2
    # with a 99% probablity. Note this is not really needed since
    # ioclient application and inability to get pty forbids running and kills
    # connection.
    MaxStartups 1
    #MaxStartups 1:99:2

    # Used to set timeout for ClientAlive messages and number of retries before
    # ending connection.
    KeepAlive yes
    ClientAliveInterval 15
    ClientAliveCountMax 4

    # HostKey for protocol version 1 and 2
    # Note the defaults shown below are different than the usual ones.
    #HostKey /etc/config/ssh/ssh_host_key
    #HostKey /etc/config/ssh/ssh_host_rsa_key
    #HostKey /etc/config/ssh/ssh_host_dsa_key


  • Next message: Wilson, Richard E: "RE: Automatic ssh connections"

    Relevant Pages

    • Re: sshd closes connection immediately after login
      ... on Interix. ... proceeds to close the connection. ... I have not fiddled with the sshd configuration files ... You did an OS upgrade. ...
      (comp.security.ssh)
    • RE: X11 Forwarding
      ... Upon receipt of a connection request, ... the daemon forks, creating a new process. ... I guess all those forums out there saying that sshd reads the config ... First do a "ps -f" to get the PPID ...
      (SSH)
    • sshd brake-in attempts
      ... I have been seeing some strange entries in my authlog ... sshd: illegal option -- v ... Connection from 211.218.166.200 port 2273 ... Did not receive ident string from 211.218.166.200. ...
      (Incidents)
    • Re: C/R without "leaks"
      ... sshd: to give up the connection when something goes wrong. ... server consolidation with a virtual machine, your do with containers. ...
      (Linux-Kernel)
    • problem with sshd
      ... I am trying to run sshd on powerPC/Linux ... establishes the connection, I can see sshd ... However after the client ... sends SSH2_MSG_KEXINIT, it disconnects with the ...
      (comp.security.ssh)