sshd Connection Failures - 2 June Snapshot (amd64)


sshd Connection Failures - 2 June Snapshot (amd64)

Scott Vanderbilt-2
Hello.

Commencing with the 2 June snapshot just upgraded (from 31 May), I can
no longer access the host via ssh. Attempts from multiple clients
(OpenSSH 6.2p2 and PuTTY 0.67) fail consistently.

On the host side, authlog contains entries like this:

    Jun 4 13:29:46 foo sshd[12307]: Connection closed by XXX.XXX.XXX.XXX port 58964 [preauth]

On client side, from OpenSSH 6.2p2, connection attempts are met with:

    host mismatch
    key_verify failed for server_host key

whereas, from PuTTY 0.67, the following error occurs:

    Server's host key did not match the signature supplied

No recent changes in configuration have occurred on the host or any
client machine. The only change has been the snapshot update on the
host. I see nothing relevant in current.html. Host dmesg is included below.

Can anyone kindly suggest how I can track down the source of the
problem? Many thanks in advance.


=================================================================

OpenBSD 6.0-beta (GENERIC.MP) #2165: Thu Jun  2 08:37:59 MDT 2016
     [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4186652672 (3992MB)
avail mem = 4055142400 (3867MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.6 @ 0xe92a0 (93 entries)
bios0: vendor American Megatrends Inc. version "0402" date 07/18/2011
bios0: ASUSTeK Computer INC. P8H61-M LX
acpi0 at bios0: rev 2
acpi0: sleep states S0 S1 S3 S4 S5
acpi0: tables DSDT FACP APIC SSDT MCFG HPET
acpi0: wakeup devices UAR1(S4) PS2K(S4) PS2M(S4) BR20(S3) EUSB(S4)
P0P3(S4) P0P4(S4) P0P1(S4) P0P2(S4) PEX0(S4) PEX1(S4) PEX2(S4) PEX3(S4)
PEX4(S4) PEX5(S4) PEX6(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Celeron(R) CPU G530 @ 2.40GHz, 2394.90 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Celeron(R) CPU G530 @ 2.40GHz, 2394.56 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,POPCNT,DEADLINE,XSAVE,NXE,LONG,LAHF,PERF,ITSC,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 0 pa 0xfec00000, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (P0P3)
acpiprt2 at acpi0: bus -1 (P0P4)
acpiprt3 at acpi0: bus 1 (P0P1)
acpiprt4 at acpi0: bus -1 (P0P2)
acpiprt5 at acpi0: bus 2 (PEX0)
acpiprt6 at acpi0: bus 3 (PEX1)
acpiprt7 at acpi0: bus 4 (PEX2)
acpiprt8 at acpi0: bus 6 (PEX4)
acpicpu0 at acpi0: C3(350@104 mwait.3@0x20), C2(500@80 mwait.3@0x10),
C1(1000@1 halt), PSS
acpicpu1 at acpi0: C3(350@104 mwait.3@0x20), C2(500@80 mwait.3@0x10),
C1(1000@1 halt), PSS
"PNP0400" at acpi0 not configured
"PNP0501" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0F03" at acpi0 not configured
"INT3F0D" at acpi0 not configured
acpibtn0 at acpi0: PWRB
"PNP0C14" at acpi0 not configured
acpivideo0 at acpi0: GFX0
acpivout0 at acpivideo0: DD02
cpu0: Enhanced SpeedStep 2394 MHz: speeds: 2400, 2300, 2200, 2100, 2000,
1900, 1800, 1700, 1600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 2G Host" rev 0x09
ppb0 at pci0 dev 1 function 0 "Intel Core 2G PCIE" rev 0x09: msi
pci1 at ppb0 bus 1
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 2000" rev 0x09
drm0 at inteldrm0
inteldrm0: msi
inteldrm0: 1280x1024
wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel 6 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured
ehci0 at pci0 dev 26 function 0 "Intel 6 Series USB" rev 0x05: apic 0 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 6 Series HD Audio" rev 0x05: msi
azalia0: codecs: Realtek/0x0887
audio0 at azalia0
ppb1 at pci0 dev 28 function 0 "Intel 6 Series PCIE" rev 0xb5: msi
pci2 at ppb1 bus 2
"Realtek RTL8192CE" rev 0x01 at pci2 dev 0 function 0 not configured
ppb2 at pci0 dev 28 function 1 "Intel 6 Series PCIE" rev 0xb5: msi
pci3 at ppb2 bus 3
ppb3 at pci0 dev 28 function 2 "Intel 6 Series PCIE" rev 0xb5: msi
pci4 at ppb3 bus 4
re0 at pci4 dev 0 function 0 "Realtek 8168" rev 0x06: RTL8168E/8111E-VL
(0x2c80), msi, address 14:da:e9:b7:15:30
rgephy0 at re0 phy 7: RTL8169S/8110S/8211 PHY, rev. 5
ppb4 at pci0 dev 28 function 3 "Intel 6 Series PCIE" rev 0xb5: msi
pci5 at ppb4 bus 5
ppb5 at pci0 dev 28 function 4 "Intel 82801BA Hub-to-PCI" rev 0xb5: msi
pci6 at ppb5 bus 6
ppb6 at pci0 dev 28 function 5 "Intel 6 Series PCIE" rev 0xb5: msi
pci7 at ppb6 bus 7
ehci1 at pci0 dev 29 function 0 "Intel 6 Series USB" rev 0x05: apic 0 int 23
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 "Intel H61 LPC" rev 0x05
pciide0 at pci0 dev 31 function 2 "Intel 6 Series SATA" rev 0x05: DMA,
channel 0 configured to native-PCI, channel 1 configured to native-PCI
pciide0: using apic 0 int 20 for native-PCI interrupt
wd0 at pciide0 channel 0 drive 0: <INTEL SSDSC2BW120A4>
wd0: 16-sector PIO, LBA48, 114473MB, 234441648 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 6
ichiic0 at pci0 dev 31 function 3 "Intel 6 Series SMBus" rev 0x05: apic
0 int 18
iic0 at ichiic0
spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM PC3-10600
spdmem1 at iic0 addr 0x52: 2GB DDR3 SDRAM PC3-10600
pciide1 at pci0 dev 31 function 5 "Intel 6 Series SATA" rev 0x05: DMA,
channel 0 wired to native-PCI, channel 1 wired to native-PCI
pciide1: using apic 0 int 20 for native-PCI interrupt
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
wbsio0 at isa0 port 0x2e/2: NCT6776F rev 0x33
lm1 at wbsio0 port 0x290/8: NCT6776F
uhub2 at uhub0 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uhub3 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
root on wd0a (766cf76462667bec.a) swap on wd0b dump on wd0b


Re: sshd Connection Failures - 2 June Snapshot (amd64)

Alex Greif-2
Hi,
I have the same problem...

Just installed current (amd64 install60.iso 2016-06-02 17:13 226M) on my
MacBook Pro 10.10.5 in a VirtualBox VM.
SSH-ing into it brings the described error.

$ uname -a
Darwin my.fritz.box 14.5.0 Darwin Kernel Version 14.5.0:
Mon Jan 11 18:48:35 PST 2016; root:xnu-2782.50.2~1/RELEASE_X86_64
x86_64

$ ssh -V
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011

$ ssh -p 2225 root@localhost -vvv
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 105: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 2225.
debug1: connect to address ::1 port 2225: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 2225.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/Users/agreif/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /Users/agreif/.ssh/id_rsa type 1
debug1: identity file /Users/agreif/.ssh/id_rsa-cert type -1
debug1: identity file /Users/agreif/.ssh/id_dsa type -1
debug1: identity file /Users/agreif/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2
debug1: match: OpenSSH_7.2 pat OpenSSH*
debug2: fd 5 setting O_NONBLOCK
debug3: put_host_port: [localhost]:2225
debug3: load_hostkeys: loading entries for host "[localhost]:2225" from file "/Users/agreif/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/agreif/.ssh/known_hosts:69
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: [hidden email],[hidden email],ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: [hidden email],[hidden email],ssh-rsa,[hidden email],[hidden email],ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[hidden email],[hidden email],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[hidden email]
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,[hidden email],[hidden email],aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[hidden email]
debug2: kex_parse_kexinit: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-md5,hmac-sha1,[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[hidden email],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-md5,hmac-sha1,[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,[hidden email],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[hidden email],zlib
debug2: kex_parse_kexinit: none,[hidden email],zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: [hidden email],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: [hidden email],aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],[hidden email]
debug2: kex_parse_kexinit: [hidden email],aes128-ctr,aes192-ctr,aes256-ctr,[hidden email],[hidden email]
debug2: kex_parse_kexinit: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: [hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],[hidden email],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,[hidden email]
debug2: kex_parse_kexinit: none,[hidden email]
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found [hidden email]
debug1: kex: server->client aes128-ctr [hidden email] none
debug2: mac_setup: found [hidden email]
debug1: kex: client->server aes128-ctr [hidden email] none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 152/320
debug2: bits set: 1051/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 4d:34:bd:c2:1d:74:5b:58:fc:e5:2a:3c:69:4d:e2:c5
debug3: put_host_port: [127.0.0.1]:2225
debug3: put_host_port: [localhost]:2225
debug3: load_hostkeys: loading entries for host "[localhost]:2225" from file "/Users/agreif/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/agreif/.ssh/known_hosts:69
debug3: load_hostkeys: loaded 1 keys
debug1: Host '[localhost]:2225' is known and matches the RSA host key.
debug1: Found key in /Users/agreif/.ssh/known_hosts:69
debug2: bits set: 1043/2048
hash mismatch
debug1: ssh_rsa_verify: signature incorrect
key_verify failed for server_host_key


Alex.


Re: sshd Connection Failures - 2 June Snapshot (amd64)

Darren Tucker
On Sun, Jun 5, 2016 at 7:40 AM, Alex Greif <[hidden email]> wrote:
[...]
> hash mismatch
> debug1: ssh_rsa_verify: signature incorrect
> key_verify failed for server_host_key

Thanks for the report.  We believe we've identified the problem and
backed out the offending commit in usr.bin/ssh/kexgexs.c rev 1.29.

The original change was this one to kexgexs.c:

revision 1.28
date: 2016/06/01 04:19:49;  author: dtucker;  state: Exp;  lines: +9 -9;  commitid: H7nQMlahTocwHINf;
Check min and max sizes sent by the client against what we support before
passing them to the monitor.  ok djm@

It caused the problem because it modified the value that had already
been sent to the client, so when it computed the exchange hash it didn't
match what the server computed.

It didn't cause more problems (or fail the regression tests, which I
ran, honest!) because any client that sent a min group size >=
DH_GRP_MIN (2048 since OpenBSD 5.9) didn't cause the min value to
be modified, and any client that preferred another key exchange method
(most recent versions of OpenSSH) never triggered the problem.

Sorry for the inconvenience.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
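
The mismatch explained in the reply above, as an added sketch that is not OpenSSH code and not part of the original thread: it builds the RFC 4419 group-exchange hash and compares a server that clamps the client's min/max before hashing with one that hashes the values as sent. The transcript values, the DH_GRP_MAX value and all function names are constructed for illustration.

```python
import hashlib
import struct

DH_GRP_MIN = 2048  # server minimum quoted in the thread
DH_GRP_MAX = 8192  # assumed server maximum for this sketch

def ssh_string(b):
    return struct.pack(">I", len(b)) + b

def ssh_mpint(n):
    # Positive integer, big-endian, leading zero byte when the high bit is set.
    return ssh_string(n.to_bytes(n.bit_length() // 8 + 1, "big") if n else b"")

def gex_hash(strings, sizes, mpints):
    # RFC 4419: H = hash(V_C || V_S || I_C || I_S || K_S || min || n || max
    #                    || p || g || e || f || K)
    blob = b"".join(ssh_string(s) for s in strings)
    blob += b"".join(struct.pack(">I", v) for v in sizes)
    blob += b"".join(ssh_mpint(m) for m in mpints)
    return hashlib.sha256(blob).digest()

def constructed_transcript():
    # Toy values, constructed for the example; real groups are 2048+ bits.
    p, g, x, y = 0xFFFFFFFB, 2, 0x1234567, 0x7654321
    e, f = pow(g, x, p), pow(g, y, p)
    strings = (b"SSH-2.0-OpenSSH_6.2", b"SSH-2.0-OpenSSH_7.2",
               b"client-kexinit", b"server-kexinit", b"host-key-blob")
    return strings, (p, g, e, f, pow(f, x, p))

def server_hash(request, clamp_before_hash):
    gmin, n, gmax = request
    lo, hi = max(gmin, DH_GRP_MIN), min(gmax, DH_GRP_MAX)  # group selection limits
    if clamp_before_hash:  # model of the behaviour described for rev 1.28
        gmin, gmax = lo, hi
    strings, mpints = constructed_transcript()
    return gex_hash(strings, (gmin, n, gmax), mpints)

def client_hash(request):
    # The client hashes the min/n/max it actually sent.
    strings, mpints = constructed_transcript()
    return gex_hash(strings, request, mpints)

def handshake_ok(request, clamp_before_hash):
    # The host key signature is over H, so differing H means verification fails.
    return client_hash(request) == server_hash(request, clamp_before_hash)
```

With the request from the debug log, `handshake_ok((1024, 2048, 8192), True)` is false, while a client that asks for a min of 2048 or more is unaffected.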