There was a big SSH vulnerability that Debian patched for stable and I believe that they patched for testing and unstable. I would suggest that you read about the vulnerability to see what features they might have turned off.

Jeff Rasmussen

-----Original Message-----
From: Callum Lerwick [mailto:seg at haxxed.com]
Sent: Tuesday, September 23, 2003 6:08 PM
To: tclug-list at mn-linux.org
Subject: [TCLUG] Total system breakage

Okay, last night two of my boxes, both running Debian testing, went down in an interesting manner. They've stopped authenticating remotely. I can log in on console, but I can't ssh nor FTP in. (Running proftp) Email seems to work though, one's running wu-imap and the other courier-imap.

The only thing significant I've done is doing an apt-get update yesterday on one, and a few days ago on another. Trying to update it now doesn't find anything new. Am I the only one getting this?

It would seem to point at PAM, I'm not getting anything in the logs, nor is sshd -ddd telling me anything's wrong. It just hangs.

Probably a package broke in testing, but I'm concerned I got nailed by some worm. ;P

It's a pain in the ass to work on because I have to stand around in the living room for one box, and the other is 100 miles away. :P I'll have to try reverting packages to woody versions by hand or something.

This is what I get with -vvv, though after a while it seems to start just refusing connections, though sshd hasn't crashed or complained about anything.

$ ssh -vvv marvin
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to marvin [192.168.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/seg/.ssh/identity type -1
debug1: identity file /home/seg/.ssh/id_rsa type -1
debug1: identity file /home/seg/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3
debug1: match: OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 129/256
debug1: bits set: 1618/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/seg/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/seg/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'marvin' is known and matches the RSA host key.
debug1: Found key in /home/seg/.ssh/known_hosts:1
debug1: bits set: 1629/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT

It just hangs forever here.
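
Added example, not part of the original messages: a small triage helper that reads `ssh -v` client output and reports the last protocol milestone reached and what the client was still waiting for. Run on the trace in the message above, it shows that TCP, key exchange and host key verification all completed and that the stall is on the server's reply to the first authentication request. The function name, milestone labels and the final pattern are assumptions made for this sketch.

```python
import re

# Client-side milestones of an SSH-2 connection, in protocol order, keyed on
# debug1 messages from the trace above. The last pattern is NOT on the page;
# its wording is an assumption and is matched case-insensitively.
MILESTONES = [
    ("tcp_connect", r"Connection established", "server version banner"),
    ("banner", r"Remote protocol version", "server KEXINIT"),
    ("kexinit", r"SSH2_MSG_KEXINIT received", "host key signature"),
    ("host_key_verified", r"ssh_rsa_verify: signature correct", "NEWKEYS"),
    ("newkeys", r"SSH2_MSG_NEWKEYS received", "SERVICE_ACCEPT"),
    ("service_accept", r"got SSH2_MSG_SERVICE_ACCEPT",
     "server reply to the first userauth request"),
    ("userauth_reply", r"authentications that can continue", "credentials"),
]

def stalled_after(trace):
    """Return (last milestone reached, what the client was still waiting for)."""
    reached, idx = ("none", "TCP connection"), 0
    for line in trace.splitlines():
        if not line.startswith("debug1:"):
            continue
        # Only look at milestones not yet passed, so order is enforced.
        for i in range(idx, len(MILESTONES)):
            name, pattern, waiting_for = MILESTONES[i]
            if re.search(pattern, line, re.IGNORECASE):
                reached, idx = (name, waiting_for), i + 1
                break
    return reached

# Abbreviated from the trace in the message above.
TRACE_FROM_POST = """\
debug1: Connection established.
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3
debug1: SSH2_MSG_KEXINIT received
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS received
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
"""

# Constructed contrast case: TCP connects but no banner ever arrives.
TRACE_NO_BANNER = "debug1: Connection established.\n"

if __name__ == "__main__":
    print(stalled_after(TRACE_FROM_POST))
    print(stalled_after(TRACE_NO_BANNER))
```

A stall after `service_accept` points at the server's authentication path rather than the network or the key exchange, which is where the sshd and PAM logs on the server are worth reading.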