Daniel Khan wrote:
> after some weeks of operation and updates one server of mine needed a
> reboot.
> Now authentification with public key causes a segfault.

One of those updates didn't happen to be an openssl one, did it? Since
it's while reading keys that's a good place to start looking.

I vaguely recall a problem on amd64 (in the asm?), although it should
not be in the current openssl. (Found it in the list archives, it was a
SIGFPE not SEGV so it's probably not related.

> // Messagelog on node1:
> Mar 15 11:21:14 [sshd] Connection from port 37281
> Mar 15 11:21:14 [kernel] sshd[1817]: segfault at 0000000000000003 rip
> 0000002a9615274d rsp 0000007fbfffc290 error 6


Your best bet is to get a stack trace of sshd using gdb. To do this, as
root (I'm using port 2022 for this example):

# gdb /path/to/sshd
(gdb) set args -ddd -p 2022 -o useprivilegeseparation=no
(gdb) run
[now connect and wait for the failure]
(gdb) backtrace

> // Public key file:
> -rw------- 1 root root 2.4K Mar 15 11:02 /root/.ssh/authorized_keys2

That looks to have changed recently, does the problem persist if you
remove the recent entries?

> Any ideas?

4.0p1 is out, you could try that.

Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

openssh-unix-dev mailing list