OpenSSH 3.9p1 hangs after authentication

From: Friedrich Lindenberg (friedrich_at_pudo.org)
Date: 12/18/04

  • Next message: Alexander Klimov: "Re: OpenSSH 3.9p1 hangs after authentication"
    Date: Sat, 18 Dec 2004 20:35:21 +0100
    To: secureshell@securityfocus.com, fedora-list@redhat.com
    
    

    Hi,

    I recently installed FC3 on my Laptop and I am experiencing a strange
    behaviour when attempting to connect to a remote server via SSH.
    Everything works fine until some point after authentication succeeded
    and a shell prompt is supposed to show up. Then SSH simply hangs, yet
    shuts down cleanly if sent SIGTERM.
    The problem does not occur with the Unix port of PuTTY, which connects
    and works smoothly.
    I tried re-compiling OpenSSH from 3.9p1 FTP Source, but that did not help.
    I also tried the MTU (as described at
    http://www.snailbook.com/faq/mtu-mismatch.auto.html) trick but the
    problem occurs both with MTU 1500 and 576. Also the problem occurs both
    via Ethernet and WLAN. Connecting with my Gentoo WS on the same subnet
    is not a problem, too.

    Here follows ssh's -vvv output:

    [friedrich@abulafia .ssh]$ ~/.prefix/bin/ssh -vvv pudo.org
    OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
    debug1: Reading configuration data /home/friedrich/.prefix/etc/ssh_config
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to pudo.org [217.172.181.146] port 22.
    debug1: Connection established.
    debug1: identity file /home/friedrich/.ssh/identity type -1
    debug1: identity file /home/friedrich/.ssh/id_rsa type -1
    debug1: identity file /home/friedrich/.ssh/id_dsa type -1
    debug1: Remote protocol version 1.99, remote software version
    OpenSSH_3.8.1p1 Debian-8.sarge.4
    debug1: match: OpenSSH_3.8.1p1 Debian-8.sarge.4 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.9p1
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit:
    diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit:
    aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit:
    aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit:
    hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit:
    hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit:
    diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit:
    aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit:
    aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit:
    hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit:
    hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit: none,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_init: found hmac-md5
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug2: mac_init: found hmac-md5
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug2: dh_gen_key: priv key bits set: 137/256
    debug2: bits set: 511/1024
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug3: check_host_in_hostfile: filename /home/friedrich/.ssh/known_hosts
    debug3: check_host_in_hostfile: match line 1
    debug3: check_host_in_hostfile: filename /home/friedrich/.ssh/known_hosts
    debug3: check_host_in_hostfile: match line 1
    debug1: Host 'pudo.org' is known and matches the RSA host key.
    debug1: Found key in /home/friedrich/.ssh/known_hosts:1
    debug2: bits set: 513/1024
    debug1: ssh_rsa_verify: signature correct
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug2: key: /home/friedrich/.ssh/identity ((nil))
    debug2: key: /home/friedrich/.ssh/id_rsa ((nil))
    debug2: key: /home/friedrich/.ssh/id_dsa ((nil))
    debug1: Authentications that can continue:
    publickey,password,keyboard-interactive
    debug3: start over, passed a different list
    publickey,password,keyboard-interactive
    debug3: preferred publickey,keyboard-interactive,password
    debug3: authmethod_lookup publickey
    debug3: remaining preferred: keyboard-interactive,password
    debug3: authmethod_is_enabled publickey
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home/friedrich/.ssh/identity
    debug3: no such identity: /home/friedrich/.ssh/identity
    debug1: Trying private key: /home/friedrich/.ssh/id_rsa
    debug3: no such identity: /home/friedrich/.ssh/id_rsa
    debug1: Trying private key: /home/friedrich/.ssh/id_dsa
    debug3: no such identity: /home/friedrich/.ssh/id_dsa
    debug2: we did not send a packet, disable method
    debug3: authmethod_lookup keyboard-interactive
    debug3: remaining preferred: password
    debug3: authmethod_is_enabled keyboard-interactive
    debug1: Next authentication method: keyboard-interactive
    debug2: userauth_kbdint
    debug2: we sent a keyboard-interactive packet, wait for reply
    debug2: input_userauth_info_req
    debug2: input_userauth_info_req: num_prompts 1
    Password:
    debug3: packet_send2: adding 32 (len 21 padlen 11 extra_pad 64)
    debug2: input_userauth_info_req
    debug2: input_userauth_info_req: num_prompts 0
    debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64)
    debug1: Authentication succeeded (keyboard-interactive).
    debug1: channel 0: new [client-session]
    debug3: ssh_session2_open: channel_new: 0
    debug2: channel 0: send open
    debug1: Entering interactive session.
    debug2: callback start
    debug2: client_session2_setup: id 0
    debug2: channel 0: request pty-req confirm 0
    debug3: tty_make_modes: ospeed 38400
    debug3: tty_make_modes: ispeed 38400
    debug3: tty_make_modes: 1 3
    debug3: tty_make_modes: 2 28
    debug3: tty_make_modes: 3 127
    debug3: tty_make_modes: 4 21
    debug3: tty_make_modes: 5 4
    debug3: tty_make_modes: 6 255
    debug3: tty_make_modes: 7 255
    debug3: tty_make_modes: 8 17
    debug3: tty_make_modes: 9 19
    debug3: tty_make_modes: 10 26
    debug3: tty_make_modes: 12 18
    debug3: tty_make_modes: 13 23
    debug3: tty_make_modes: 14 22
    debug3: tty_make_modes: 18 15
    debug3: tty_make_modes: 30 0
    debug3: tty_make_modes: 31 0
    debug3: tty_make_modes: 32 0
    debug3: tty_make_modes: 33 0
    debug3: tty_make_modes: 34 0
    debug3: tty_make_modes: 35 0
    debug3: tty_make_modes: 36 1
    debug3: tty_make_modes: 37 0
    debug3: tty_make_modes: 38 1
    debug3: tty_make_modes: 39 1
    debug3: tty_make_modes: 40 0
    debug3: tty_make_modes: 41 1
    debug3: tty_make_modes: 50 1
    debug3: tty_make_modes: 51 1
    debug3: tty_make_modes: 52 0
    debug3: tty_make_modes: 53 1
    debug3: tty_make_modes: 54 1
    debug3: tty_make_modes: 55 1
    debug3: tty_make_modes: 56 0
    debug3: tty_make_modes: 57 0
    debug3: tty_make_modes: 58 0
    debug3: tty_make_modes: 59 1
    debug3: tty_make_modes: 60 1
    debug3: tty_make_modes: 61 1
    debug3: tty_make_modes: 62 0
    debug3: tty_make_modes: 70 1
    debug3: tty_make_modes: 71 0
    debug3: tty_make_modes: 72 1
    debug3: tty_make_modes: 73 0
    debug3: tty_make_modes: 74 0
    debug3: tty_make_modes: 75 0
    debug3: tty_make_modes: 90 1
    debug3: tty_make_modes: 91 1
    debug3: tty_make_modes: 92 0
    debug3: tty_make_modes: 93 0
    debug2: channel 0: request shell confirm 0
    debug2: fd 3 setting TCP_NODELAY
    debug2: callback done
    debug2: channel 0: open confirm rwindow 0 rmax 32768
    debug1: channel 0: free: client-session, nchannels 1
    debug3: channel 0: status: The following connections are open:
       #0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cfd -1)

    debug3: channel 0: close_fds r 4 w 5 e 6 c -1
    Killed by signal 15.

    After having killed ssh, the server-side processes -- which seem to have
    been spawned correctly -- continue to exist.

    I would greatly appreciate any help.
    Thanks,

      Friedrich

    P.S:
    OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003


  • Next message: Alexander Klimov: "Re: OpenSSH 3.9p1 hangs after authentication"

    Relevant Pages

    • openssh3.7p1 chroot patch not work on solaris 7
      ... debug1: monitor_child_preauth: test has been authenticated by privileged process ... debug3: mm_get_keystate: Waiting for new keys ... debug2: mac_init: found hmac-sha1 ... debug1: channel 0: new ...
      (comp.unix.solaris)
    • openssh3.7p1 chroot patch not work on solaris 7
      ... debug1: monitor_child_preauth: test has been authenticated by privileged process ... debug3: mm_get_keystate: Waiting for new keys ... debug2: mac_init: found hmac-sha1 ... debug1: channel 0: new ...
      (comp.security.ssh)
    • openssh3.7p1 chroot patch not work on solaris 7
      ... debug1: monitor_child_preauth: test has been authenticated by privileged process ... debug3: mm_get_keystate: Waiting for new keys ... debug2: mac_init: found hmac-sha1 ... debug1: channel 0: new ...
      (comp.security.ssh)
    • Problem with some user autentification error on sshd
      ... debug1: Reading configuration data /etc/ssh/ssh_config ... debug2: kex_parse_kexinit: none,zlib ... debug3: check_host_in_hostfile: match line 3 ... debug1: Next authentication method: keyboard-interactive ...
      (SSH)
    • Re: ssh xterm -> HPUX fails
      ... debug1: read PEM private key done: type RSA ... debug3: preauth child monitor started ... debug2: monitor_read: 0 used once, ... debug2: channel 0: sent ext data 106 ...
      (comp.security.ssh)