SEGV in Dropbear v2016.74 when connect with HostKeyAlgorithms=ssh-dss or HostKeyAlgorithms=ssh-dss
Konstantin Lazarev
cnlazarev at gmail.com
Sat Jan 28 03:14:03 AWST 2017
Hi Matt,
The SEGV was related to the size of insufficient stack set for the dropbear
flat binary.
After setting stack to 32K problem is not observed any more. SSH client
login with key parameters is working as expected.
Thank you,
Konstantin Lazarev.
On Wed, Jan 18, 2017 at 2:32 PM, Konstantin Lazarev <cnlazarev at gmail.com>
wrote:
> Hi Matt,
>
> Dropbear is usually running under inetd in our system. I provide
> foreground run only for debug output. When dropbear runs from inetd SSH
> client either received connection rejection or nothing because dropbear
> crush.
> And when default algo is used ecdsa-sha2-nistp521 is reported by client.
> Please see log:
> $ ssh -v root at 172.17.152.20
>
> OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: /etc/ssh/ssh_config line 19: Applying options for *
> debug1: Connecting to 172.17.152.20 [172.17.152.20] port 22.
> debug1: Connection established.
> debug1: key_load_public: No such file or directory
> debug1: identity file /home//.ssh/id_rsa type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_rsa-cert type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_dsa type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_dsa-cert type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_ecdsa type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_ecdsa-cert type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_ed25519 type
> -1
>
>
>
> debug1: key_load_public: No such file or directory
>
>
>
>
> debug1: identity file /home//.ssh/id_ed25519-cert type
> -1
>
>
>
> debug1: Enabling compatibility mode for protocol
> 2.0
>
>
>
> debug1: Local version string SSH-2.0-OpenSSH_7.2p2
> Ubuntu-4ubuntu2.1
>
>
>
> debug1: Remote protocol version 2.0, remote software version
> dropbear_2016.74
>
>
>
> debug1: no match: dropbear_2016.74
>
>
>
>
> debug1: Authenticating to 172.17.152.20:22 as
> 'root'
>
>
>
> debug1: SSH2_MSG_KEXINIT sent
>
>
>
>
> debug1: SSH2_MSG_KEXINIT received
>
>
>
>
> debug1: kex: algorithm: curve25519-sha256 at libssh.org
>
>
>
>
> debug1: kex: host key algorithm: ecdsa-sha2-nistp521
>
>
>
>
> debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256
> compression: none
>
>
> debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256
> compression: none
>
>
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>
>
>
>
> debug1: Server host key: ecdsa-sha2-nistp521 SHA256:F7fYb86a+/
> mzH75THk014kULrbPL93EVj4jwpKsngso
>
>
>
> The authenticity of host '172.17.152.20 (172.17.152.20)' can't be
> established.
>
>
>
> ECDSA key fingerprint is SHA256:F7fYb86a+/mzH75THk014kULrbPL93EVj4jwpKsn
> gso.
>
>
>
> Are you sure you want to continue connecting (yes/no)?
> yes
>
>
>
> Warning: Permanently added '172.17.152.20' (ECDSA) to the list of known
> hosts.
>
>
>
> debug1: rekey after 4294967296 blocks
>
>
>
>
> debug1: SSH2_MSG_NEWKEYS sent
>
>
>
>
> debug1: expecting SSH2_MSG_NEWKEYS
>
>
>
>
> debug1: rekey after 4294967296 blocks
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue: publickey,password
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home//.ssh/id_rsa
> debug1: Trying private key: /home//.ssh/id_dsa
> debug1: Trying private key: /home//.ssh/id_ecdsa
> debug1: Trying private key: /home//.ssh/id_ed25519
> debug1: Next authentication method: password
> root at 172.17.152.20's password:
> debug1: Authentication succeeded (password).
> Authenticated to 172.17.152.20 ([172.17.152.20]:22).
> debug1: channel 0: new [client-session]
> debug1: Entering interactive session.
> debug1: pledge: network
> debug1: Sending environment.
> debug1: Sending env LANG = en_US.UTF-8
>
>
> [root at 172.17.152.20: ]#
>
> Regards,
> Konstantin Lazarev.
>
>
> On Wed, Jan 18, 2017 at 5:13 AM, Matt Johnston <matt at ucc.asn.au> wrote:
>
>> Hi Konstantin,
>>
>> Would you be able to run Dropbear under inetd and see if that helps?
>> uClinux generally requires that - though it's not obvious to me how it
>> could cause this crash.
>> Is there any chance of getting a backtrace where it is crashing? The RSA
>> and DSS crashes are at different spots, so I guess some global state might
>> be getting corrupted.
>> When it successfully runs (no HostKeyAlgorithms) I assume it is using
>> ecdsa for the hostkey?
>>
>> Cheers,
>> Matt
>>
>>
>> On Wed 18/1/2017, at 8:53 am, Konstantin Lazarev <cnlazarev at gmail.com>
>> wrote:
>>
>> Hello,
>>
>> I see consistent SEGV when running Dropbear v2016.74 in uClinux 2.6.33 on
>> ARMv7m-cortex-m4 processor
>> Faults happen only if client specifying HostKeyAlgorithms option.
>> Please see verbose output from client and dropbear:
>>
>> [root at 172.17.152.20: ]# dropbear -V
>> Dropbear v2016.74
>>
>> ---------------------------------------- from client
>> ------------------------------------------------------------
>> ---------------
>> $ssh -v -o HostKeyAlgorithms=ssh-dss root at 172.17.152.20
>> OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug1: Connecting to 172.17.152.20 [172.17.152.20] port 22.
>> debug1: Connection established.
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_rsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_rsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_dsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_dsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ecdsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ecdsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ed25519 type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ed25519-cert type -1
>> debug1: Enabling compatibility mode for protocol 2.0
>> debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
>> debug1: Remote protocol version 2.0, remote software version
>> dropbear_2016.74
>> debug1: no match: dropbear_2016.74
>> debug1: Authenticating to 172.17.152.20:22 as 'root'
>> debug1: SSH2_MSG_KEXINIT sent
>> debug1: SSH2_MSG_KEXINIT received
>> debug1: kex: algorithm: curve25519-sha256 at libssh.org
>> debug1: kex: host key algorithm: ssh-dss
>> debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256
>> compression: none
>> debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256
>> compression: none
>> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>> Connection closed by 172.17.152.20 port 22
>>
>> ---------------------------------------- from dropbear
>> ------------------------------------------------------------
>> ---------------
>> [root at 172.17.152.20: ]# dropbear -v -F
>> TRACE (2934) 0.000000: enter buf_get_rsa_priv_key
>> TRACE (2934) 0.000702: enter buf_get_rsa_pub_key
>> TRACE (2934) 0.003142: leave buf_get_rsa_pub_key: success
>> TRACE (2934) 0.006667: leave buf_get_rsa_priv_key
>> TRACE (2934) 0.007364: leave loadhostkey
>> TRACE (2934) 0.008475: enter buf_get_dss_pub_key
>> TRACE (2934) 0.029568: leave buf_get_dss_pub_key: success
>> TRACE (2934) 0.030491: leave loadhostkey
>> TRACE (2934) 0.031491: enter buf_get_ecdsa_priv_key
>> TRACE (2934) 0.032079: enter buf_get_ecc_raw_pubkey
>> TRACE (2934) 0.037565: leave buf_get_ecdsa_pub_key
>> TRACE (2934) 0.038492: leave loadhostkey
>> TRACE (2934) 0.049830: Disabling key type 2
>> TRACE (2934) 0.050450: Disabling key type 3
>> TRACE (2934) 0.110221: listensockets: 1 to try
>> TRACE (2934) 0.111137: listening on ':22'
>> TRACE (2934) 0.111844: enter dropbear_listen
>> TRACE (2934) 0.112368: dropbear_listen: all interfaces
>> TRACE (2934) 0.113916: bind(22) failed
>> TRACE (2934) 0.114629: leave dropbear_listen: success, 1 socks bound
>> TRACE (2934) 0.115578: set_listen_fast_open failed for socket 3:
>> Protocol not available
>> [2934] Jan 01 00:16:07 Not backgrounding
>> [2934] Jan 01 00:16:12 Child connection from 172.17.163.3:42180
>> TRACE (2934) 5.057261: enter session_init
>> TRACE (2934) 5.058028: setnonblocking: 5
>> TRACE (2934) 5.058726: leave setnonblocking
>> TRACE (2934) 5.059736: setnonblocking: 5
>> TRACE (2934) 5.060404: leave setnonblocking
>> TRACE (2934) 5.060983: update_channel_prio
>> TRACE (2934) 5.061525: update_channel_prio: not any
>> TRACE (2934) 5.062037: Dropbear priority transitioning 10 -> 11
>> TRACE (2934) 5.062814: setnonblocking: 3
>> TRACE (2934) 5.063414: leave setnonblocking
>> TRACE (2934) 5.063894: setnonblocking: 6
>> TRACE (2934) 5.064461: leave setnonblocking
>> TRACE (2934) 5.065835: leave session_init
>> TRACE (2934) 5.066793: kexinitialise()
>> TRACE (2934) 5.067877: DATAALLOWED=0
>> TRACE (2934) 5.068411: -> KEXINIT
>> TRACE (2934) 5.069399: enter set_connect_fds
>> TRACE (2934) 5.070012: maybe_empty_reply_queue - no data allowed
>> TRACE (2934) 5.070558: enter handle_connect_fds
>> TRACE (2934) 5.071036: leave handle_connect_fds - end iter
>> TRACE (2934) 5.071895: empty queue dequeing
>> TRACE (2934) 5.073045: enter set_connect_fds
>> TRACE (2934) 5.073657: enter ident_readln
>> TRACE (2934) 5.077698: leave ident_readln: return 40
>> TRACE (2934) 5.078328: remoteident: SSH-2.0-OpenSSH_7.2p2
>> Ubuntu-4ubuntu2.1
>> TRACE (2934) 5.079270: maybe_empty_reply_queue - no data allowed
>> TRACE (2934) 5.079801: enter handle_connect_fds
>> TRACE (2934) 5.080287: leave handle_connect_fds - end iter
>> TRACE (2934) 5.080824: enter set_connect_fds
>> TRACE (2934) 5.081611: process_packet: packet type = 20, len 1048
>> TRACE (2934) 5.082330: got expected packet 20 during kexinit
>> TRACE (2934) 5.082944: <- KEXINIT
>> TRACE (2934) 5.083440: enter recv_msg_kexinit
>> TRACE (2934) 5.084130: buf_match_algo: curve25519-sha256 at libssh.org,e
>> cdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diff
>> ie-hellman-group-exchange-sha256,diffie-hellman-group-exchan
>> ge-sha1,diffie-hellman-group14-sha1,ext-info-c
>> TRACE (2934) 5.084896: kexguess2 1
>> TRACE (2934) 5.085457: kex algo curve25519-sha256 at libssh.org
>> TRACE (2934) 5.086025: buf_match_algo: ssh-dss
>> TRACE (2934) 5.086588: hostkey algo ssh-dss
>> TRACE (2934) 5.087174: buf_match_algo: chacha20-poly1305 at openssh.com,
>> aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,aes2
>> 56-gcm at openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
>> TRACE (2934) 5.087844: enc c2s is aes128-ctr
>> TRACE (2934) 5.088424: buf_match_algo: chacha20-poly1305 at openssh.com,
>> aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,aes2
>> 56-gcm at openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
>> TRACE (2934) 5.089247: enc s2c is aes128-ctr
>> TRACE (2934) 5.089838: buf_match_algo: umac-64-etm at openssh.com,umac-1
>> 28-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-5
>> 12-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64 at openssh.com,
>> umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> TRACE (2934) 5.090572: hash c2s is hmac-sha2-256
>> TRACE (2934) 5.091158: buf_match_algo: umac-64-etm at openssh.com,umac-1
>> 28-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-5
>> 12-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64 at openssh.com,
>> umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> TRACE (2934) 5.091877: hash s2c is hmac-sha2-256
>> TRACE (2934) 5.092456: buf_match_algo: none,zlib at openssh.com,zlib
>> TRACE (2934) 5.093025: hash c2s is none
>> TRACE (2934) 5.093598: buf_match_algo: none,zlib at openssh.com,zlib
>> TRACE (2934) 5.094179: hash s2c is none
>> TRACE (2934) 5.094836: leave recv_msg_kexinit
>> TRACE (2934) 5.095394: maybe_empty_reply_queue - no data allowed
>> TRACE (2934) 5.095885: enter handle_connect_fds
>> TRACE (2934) 5.096379: leave handle_connect_fds - end iter
>> TRACE (2934) 5.096902: enter set_connect_fds
>> TRACE (2934) 5.097611: process_packet: packet type = 30, len 42
>> TRACE (2934) 5.098344: got expected packet 30 during kexinit
>> TRACE (2934) 5.099060: enter recv_msg_kexdh_init
>> TRACE (2934) 5.099589: enter send_msg_kexdh_reply
>> TRACE (2934) 5.234566: enter buf_put_dss_sign
>> TRACE (2934) 5.336603: leave buf_put_dss_sign
>> TRACE (2934) 5.337367: leave send_msg_kexdh_reply
>> TRACE (2934) 5.337903: enter send_msg_newkeys
>> TRACE (2934) 5.338527: enter gen_new_keys
>> Aiee, segfault! You should probably report this as a bug to the developer
>> [root at 172.17.152.20: ]#
>>
>>
>> ---------------------------------------- from client
>> ------------------------------------------------------------
>> ---------------
>> $ ssh -v -o HostKeyAlgorithms=ssh-rsa root at 172.17.152.20
>> OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug1: /etc/ssh/ssh_config line 19: Applying options for *
>> debug1: Connecting to 172.17.152.20 [172.17.152.20] port 22.
>> debug1: Connection established.
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_rsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_rsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_dsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_dsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ecdsa type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ecdsa-cert type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ed25519 type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file /home//.ssh/id_ed25519-cert type -1
>> debug1: Enabling compatibility mode for protocol 2.0
>> debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.1
>> debug1: Remote protocol version 2.0, remote software version
>> dropbear_2016.74
>> debug1: no match: dropbear_2016.74
>> debug1: Authenticating to 172.17.152.20:22 as 'root'
>> debug1: SSH2_MSG_KEXINIT sent
>> debug1: SSH2_MSG_KEXINIT received
>> debug1: kex: algorithm: curve25519-sha256 at libssh.org
>> debug1: kex: host key algorithm: ssh-rsa
>> debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256
>> compression: none
>> debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256
>> compression: none
>> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>> Connection closed by 172.17.152.20 port 22
>>
>> ---------------------------------------- from dropbear
>> ------------------------------------------------------------
>> ---------------
>> [root at 172.17.152.20: ]# dropbear -v -F
>> TRACE (3066) 0.000000: enter buf_get_rsa_priv_key
>> TRACE (3066) 0.000692: enter buf_get_rsa_pub_key
>> TRACE (3066) 0.003467: leave buf_get_rsa_pub_key: success
>> TRACE (3066) 0.007054: leave buf_get_rsa_priv_key
>> TRACE (3066) 0.007749: leave loadhostkey
>> TRACE (3066) 0.008958: enter buf_get_dss_pub_key
>> TRACE (3066) 0.011581: leave buf_get_dss_pub_key: success
>> TRACE (3066) 0.012362: leave loadhostkey
>> TRACE (3066) 0.013428: enter buf_get_ecdsa_priv_key
>> TRACE (3066) 0.014002: enter buf_get_ecc_raw_pubkey
>> TRACE (3066) 0.019249: leave buf_get_ecdsa_pub_key
>> TRACE (3066) 0.020103: leave loadhostkey
>> TRACE (3066) 0.020569: Disabling key type 2
>> TRACE (3066) 0.021071: Disabling key type 3
>> TRACE (3066) 0.059965: listensockets: 1 to try
>> TRACE (3066) 0.061012: listening on ':22'
>> TRACE (3066) 0.061761: enter dropbear_listen
>> TRACE (3066) 0.062337: dropbear_listen: all interfaces
>> TRACE (3066) 0.064058: bind(22) failed
>> TRACE (3066) 0.064837: leave dropbear_listen: success, 1 socks bound
>> TRACE (3066) 0.065962: set_listen_fast_open failed for socket 3:
>> Protocol not available
>> [3066] Jan 01 00:18:21 Not backgrounding
>> [3066] Jan 01 00:18:23 Child connection from 172.17.163.3:42554
>> TRACE (3066) 2.443367: enter session_init
>> TRACE (3066) 2.444121: setnonblocking: 5
>> TRACE (3066) 2.444770: leave setnonblocking
>> TRACE (3066) 2.445351: setnonblocking: 5
>> TRACE (3066) 2.445970: leave setnonblocking
>> TRACE (3066) 2.446569: update_channel_prio
>> TRACE (3066) 2.447120: update_channel_prio: not any
>> TRACE (3066) 2.447636: Dropbear priority transitioning 10 -> 11
>> TRACE (3066) 2.448406: setnonblocking: 3
>> TRACE (3066) 2.449024: leave setnonblocking
>> TRACE (3066) 2.449518: setnonblocking: 6
>> TRACE (3066) 2.450104: leave setnonblocking
>> TRACE (3066) 2.451526: leave session_init
>> TRACE (3066) 2.452468: kexinitialise()
>> TRACE (3066) 2.453758: DATAALLOWED=0
>> TRACE (3066) 2.454296: -> KEXINIT
>> TRACE (3066) 2.454825: enter set_connect_fds
>> TRACE (3066) 2.455418: maybe_empty_reply_queue - no data allowed
>> TRACE (3066) 2.455931: enter handle_connect_fds
>> TRACE (3066) 2.456436: leave handle_connect_fds - end iter
>> TRACE (3066) 2.457321: empty queue dequeing
>> TRACE (3066) 2.458488: enter set_connect_fds
>> TRACE (3066) 2.459096: enter ident_readln
>> TRACE (3066) 2.463414: leave ident_readln: return 40
>> TRACE (3066) 2.464057: remoteident: SSH-2.0-OpenSSH_7.2p2
>> Ubuntu-4ubuntu2.1
>> TRACE (3066) 2.464651: maybe_empty_reply_queue - no data allowed
>> TRACE (3066) 2.465149: enter handle_connect_fds
>> TRACE (3066) 2.465624: leave handle_connect_fds - end iter
>> TRACE (3066) 2.466161: enter set_connect_fds
>> TRACE (3066) 2.466961: process_packet: packet type = 20, len 1048
>> TRACE (3066) 2.467688: got expected packet 20 during kexinit
>> TRACE (3066) 2.468301: <- KEXINIT
>> TRACE (3066) 2.468759: enter recv_msg_kexinit
>> TRACE (3066) 2.469425: buf_match_algo: curve25519-sha256 at libssh.org,e
>> cdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diff
>> ie-hellman-group-exchange-sha256,diffie-hellman-group-exchan
>> ge-sha1,diffie-hellman-group14-sha1,ext-info-c
>> TRACE (3066) 2.470150: kexguess2 1
>> TRACE (3066) 2.470744: kex algo curve25519-sha256 at libssh.org
>> TRACE (3066) 2.471337: buf_match_algo: ssh-rsa
>> TRACE (3066) 2.471917: hostkey algo ssh-rsa
>> TRACE (3066) 2.472489: buf_match_algo: chacha20-poly1305 at openssh.com,
>> aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,aes2
>> 56-gcm at openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
>> TRACE (3066) 2.473777: enc c2s is aes128-ctr
>> TRACE (3066) 2.474389: buf_match_algo: chacha20-poly1305 at openssh.com,
>> aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm at openssh.com,aes2
>> 56-gcm at openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
>> TRACE (3066) 2.475073: enc s2c is aes128-ctr
>> TRACE (3066) 2.475668: buf_match_algo: umac-64-etm at openssh.com,umac-1
>> 28-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-5
>> 12-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64 at openssh.com,
>> umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> TRACE (3066) 2.476384: hash c2s is hmac-sha2-256
>> TRACE (3066) 2.476967: buf_match_algo: umac-64-etm at openssh.com,umac-1
>> 28-etm at openssh.com,hmac-sha2-256-etm at openssh.com,hmac-sha2-5
>> 12-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-64 at openssh.com,
>> umac-128 at openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
>> TRACE (3066) 2.477690: hash s2c is hmac-sha2-256
>> TRACE (3066) 2.478301: buf_match_algo: none,zlib at openssh.com,zlib
>> TRACE (3066) 2.478884: hash c2s is none
>> TRACE (3066) 2.479439: buf_match_algo: none,zlib at openssh.com,zlib
>> TRACE (3066) 2.480033: hash s2c is none
>> TRACE (3066) 2.480702: leave recv_msg_kexinit
>> TRACE (3066) 2.481229: maybe_empty_reply_queue - no data allowed
>> TRACE (3066) 2.481743: enter handle_connect_fds
>> TRACE (3066) 2.482215: leave handle_connect_fds - end iter
>> TRACE (3066) 2.482777: enter set_connect_fds
>> TRACE (3066) 2.483639: process_packet: packet type = 30, len 42
>> TRACE (3066) 2.484336: got expected packet 30 during kexinit
>> TRACE (3066) 2.484948: enter recv_msg_kexdh_init
>> TRACE (3066) 2.485459: enter send_msg_kexdh_reply
>> TRACE (3066) 2.486015: enter buf_put_rsa_pub_key
>> TRACE (3066) 2.492135: leave buf_put_rsa_pub_key
>> TRACE (3066) 2.596695: enter buf_put_rsa_pub_key
>> TRACE (3066) 2.602879: leave buf_put_rsa_pub_key
>> TRACE (3066) 2.606368: enter buf_put_rsa_sign
>> Aiee, segfault! You should probably report this as a bug to the developer
>>
>>
>> Please advise how to fix the problem in Dropbear.
>>
>> Please let me know if additional information is needed.
>>
>> Thank you,
>> Konstantin Lazarev.
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20170127/dcc743cf/attachment-0001.htm
More information about the Dropbear
mailing list