Re: OpenSSH_4.5p1 on GNU/Linux: connection unexpectedly closed

No timeout is set. Living connections also die (I was scp'ing large
logfiles through local interface when the strace and debug output was

Can glibc upgrade cause problems like this? I have restarted sshd
several times after the recompilations, but not the server itself. It
is in a datacenter and I would definitely not bother with restarting
when it is not necessary...

I have noticed that statically linked sshd in a chroot'-ed environment
worked well on the same machine, but statically link the main sshd
executable is not a valid choice for me.


On 8/3/07, Njoku, George O. <njokug@xxxxxxxxxxxx> wrote:
You got a SIGKILL and connection was lost.
Try checking if ssh_config on both machines got a connection or idle timeout set.


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On Behalf Of Adam Lantos
Sent: Thursday, August 02, 2007 9:48 AM
To: secureshell@xxxxxxxxxxxxxxxxx
Subject: OpenSSH_4.5p1 on GNU/Linux: connection unexpectedly closed


I have a serious problem with OpenSSH. I use it on kernel 2.6.18 with
grsecurity patch enabled, i686 (Gentoo GNU/Linux, Hardened profile)


When I transfer about 20Mbytes of data through ssh the connection dies
(even on localhost).
I suspect on glibc's nptl. I've tried with linuxthreads support and
still no success :( of course, all glibc update was followed by
toolchain recompilation and zlib-openssl-openssh recompilation. Guys
on gentoo-hardened mailing list couldn't help me out.

The same issue raises with compression enabled/disabled, tcpkeepalive
enabled/disabled, clientinterval enabled/disabled and firewall

Do you have any clue on what is happening here?

debug and strace outputs are attached to the end of my post


debug output gave me this on server (scp localhost - localhost):


debug2: mac_init: found hmac-sha1
debug1: kex: server->client blowfish-cbc hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server blowfish-cbc hmac-sha1 none


debug2: channel 0: rcvd adjust 4096
debug2: channel 0: rcvd adjust 4096
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering

strace -fFv output gave me this on server:


[pid 17725] rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
[pid 17725] read(3,
"V\17\33s\256d\321\37\307\363\342\250\2211\355x\345\205"..., 16384) =
[pid 17725] write(2, "debug2: channel 0: rcvd adjust 4"..., 37debug2:
channel 0: rcvd adjust 4096
) = 37
[pid 7918] <... write resumed> ) = 48384
[pid 17725] +++ killed by SIGKILL +++
Process 17725 detached
[pid 7918] write(1,
"5\275\30185\30185\276\237p\270\256P\203\331\301p$p\230"..., 82688) =
-1 EPIPE (Broken pipe)
[pid 7918] --- SIGPIPE (Broken pipe) @ 0 (0) ---
Process 7918 detached
<... read resumed> 0x599ae18c, 4) = ? ERESTARTSYS (To be restarted)
--- SIGCHLD (Child exited) @ 0 (0) ---


Client says:

Read from remote host localhost: Connection reset by peer
lost connection