Re: sshd does not die when client issues control-C or closes

From: Darren Tucker (dtucker_at_zip.com.au)
Date: 03/12/04

  • Next message: Milen Minev: "Re: Automatic ssh connections"
    Date: Sat, 13 Mar 2004 08:28:17 +1100
    To: pmyers@spectracomcorp.com
    
    

    Paul Myers wrote:

    > The SSHD Version is 3.5 and I successfully logged in using password
    > authentication.

    OpenSSH 3.5 in an OpenBSD-only release. Do you mean 3.5p1? You should
    consider using 3.7.1p2 or later because of a potential security issue:
    http://www.openssh.com/txt/buffer.adv

    > I am running an application which is sending IO to the connected PTY and
    > allowing me to issue commands to another application. BUT I really do
    > NOTHING except look at the hello world screen and hit Control-C.
    >
    > The Application dies, but the SSHD running under uClinux simply keeps
    > running. The child processes die, but uClinux port of SSHD appears to be
    > blissfully unaware of that. I am going through the code now to see why.
    >
    > There is no default child signal handler being used it appears when inetd
    > runs sshd from under uClinux. There is one defined in the code but it is not
    > used.

    I suspect that another process is still holding a descriptor open and
    sshd is waiting for it to close. Do you have "lsof" available?

    Can you run sshd in debug mode ("sshd -ddd") and see what it says? (If
    that changes the behaviour, crank LogLevel up to DEBUG in your config
    and pull the messages out of your logs).

    -- 
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
         Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
    

  • Next message: Milen Minev: "Re: Automatic ssh connections"

    Relevant Pages

    • RE: sshd does not die when client issues control-C or closes
      ... I have been tesing OpenSSH sshd running under uClinux using Putty, ... I set my Client Keep alive parameters to issue 4 requests every ... # Or after 1 connection deny subsequent connections up to 2 ...
      (SSH)
    • Re: how would openssh react face to an attack ?
      ... >but how would it react face to an attack? ... account after X password failures. ... if the OS doesn't support lockout then sshd doesn't either. ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • Re: telnet tunnelling ssh
      ... >That host has ssh package installed and sshd up and running. ... >(All looks silly but it's the truth) ... >connection already established? ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • Re: AIX 5.3 LDAP PAM PrivilegeSeperation
      ... > If we run sshd in non-privilegeseperation mode, ... > expiry, when a user is REQUIRED to change the password, when a new ... Good judgement comes with experience. ...
      (comp.security.ssh)
    • Re: PAM and SSH
      ... It appears that for sshd, sshusers would have to be their primary group ... sshd checks the supplemental group ids by using getgrouplist. ... why I suggested using two AllowGroups directives in my follow-up post. ... Good judgement comes with experience. ...
      (SSH)