Re: OpenSSH_4.5p1 on GNU/Linux: connection unexpectedly closed

No timeout is set. Living connections also die (I was scp'ing large
logfiles through local interface when the strace and debug output was

Can glibc upgrade cause problems like this? I have restarted sshd
several times after the recompilations, but not the server itself. It
is in a datacenter and I would definitely not bother with restarting
when it is not necessary...

I have noticed that statically linked sshd in a chroot'-ed environment
worked well on the same machine, but statically link the main sshd
executable is not a valid choice for me.


On 8/3/07, Njoku, George O. <njokug@xxxxxxxxxxxx> wrote:
You got a SIGKILL and connection was lost.
Try checking if ssh_config on both machines got a connection or idle timeout set.


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Adam Lantos
Sent: Thursday, August 02, 2007 9:48 AM
To: secureshell@xxxxxxxxxxxxxxxxx
Subject: OpenSSH_4.5p1 on GNU/Linux: connection unexpectedly closed


I have a serious problem with OpenSSH. I use it on kernel 2.6.18 with
grsecurity patch enabled, i686 (Gentoo GNU/Linux, Hardened profile)


When I transfer about 20Mbytes of data through ssh the connection dies
(even on localhost).
I suspect on glibc's nptl. I've tried with linuxthreads support and
still no success :( of course, all glibc update was followed by
toolchain recompilation and zlib-openssl-openssh recompilation. Guys
on gentoo-hardened mailing list couldn't help me out.

The same issue raises with compression enabled/disabled, tcpkeepalive
enabled/disabled, clientinterval enabled/disabled and firewall

Do you have any clue on what is happening here?

debug and strace outputs are attached to the end of my post


debug output gave me this on server (scp localhost - localhost):


debug2: mac_init: found hmac-sha1
debug1: kex: server->client blowfish-cbc hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server blowfish-cbc hmac-sha1 none


debug2: channel 0: rcvd adjust 4096
debug2: channel 0: rcvd adjust 4096
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering

strace -fFv output gave me this on server:


[pid 17725] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid 17725] read(3,
"V\17\33s\256d\321\37\307\363\342\250\2211\355x\345\205"..., 16384) =
[pid 17725] write(2, "debug2: channel 0: rcvd adjust 4"..., 37debug2:
channel 0: rcvd adjust 4096
) = 37
[pid 7918] <... write resumed> ) = 48384
[pid 17725] +++ killed by SIGKILL +++
Process 17725 detached
[pid 7918] write(1,
"5\275\30185\30185\276\237p\270\256P\203\331\301p$p\230"..., 82688) =
-1 EPIPE (Broken pipe)
[pid 7918] --- SIGPIPE (Broken pipe) @ 0 (0) ---
Process 7918 detached
<... read resumed> 0x599ae18c, 4) = ? ERESTARTSYS (To be restarted)
--- SIGCHLD (Child exited) @ 0 (0) ---


Client says:

Read from remote host localhost: Connection reset by peer
lost connection

Relevant Pages

  • Can ce4.2 Emulator using Com1 and debug by evC++
    ... my faced problems: ... the Created Connection prompt msg ... i have tried some recommends in "disable debug output serial" ... by the way,the PB Configure Emulator Download Service-> Serial Port1: ...
  • Re: ssh port forwarding problem
    ... I mean that the connection works fine for a while (I can continuously surf ... > SS> ssh connection will drop sometimes in a matter of minutes. ... > debug output from the server. ...
  • Profile - anonymousIdentification = true kills db connection
    ... As I attempted to use the built Profile feature to store some user ... Whenever I set this flag, the db connection would fail, even though ... debug output of the db connection string in Connections config still ... Removing the flag and the db connection works again. ...
  • Re: Modem logs on, but cant be used
    ... Sep 26 20:45:53 localhost network: Setting network parameters: succeeded ... Sep 26 20:48:00 localhost pppd: Serial connection established. ... alias usb-controller1 ehci-hcd ... # Example - obey only what nisplus tells us... ...
  • Re: Local http proxy
    ... network connection and type 'ipconfig' in your command prompt. ... starts TCP/IP stack and you're able to ping localhost. ... > with the pocket internet explorer. ...