<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=US-ASCII">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>RE: [TCLUG] Total system breakage</TITLE>
</HEAD>
<BODY>
<BR>
<P><FONT SIZE=2>There was a big SSH vulnerability that Debian patched for stable and I believe that they patched for testing and unstable.</FONT></P>
<P><FONT SIZE=2>I would suggest that you read about the vulnerability to see what features they might have turned off.</FONT>
</P>
<P><FONT SIZE=2>Jeff Rasmussen</FONT>
</P>
<P><FONT SIZE=2>-----Original Message-----</FONT>
<BR><FONT SIZE=2>From: Callum Lerwick [<A HREF="mailto:seg@haxxed.com">mailto:seg@haxxed.com</A>]</FONT>
<BR><FONT SIZE=2>Sent: Tuesday, September 23, 2003 6:08 PM</FONT>
<BR><FONT SIZE=2>To: tclug-list@mn-linux.org</FONT>
<BR><FONT SIZE=2>Subject: [TCLUG] Total system breakage</FONT>
</P>
<BR>
<P><FONT SIZE=2>Okay, last night two of my boxes, both running debian testing went down</FONT>
<BR><FONT SIZE=2>in an interesting manner. They've stopped authenticating remotely. I can</FONT>
<BR><FONT SIZE=2>log in on console, but I can't ssh nor FTP in. (Running proftp) Email</FONT>
<BR><FONT SIZE=2>seems to work though, one's running wu-imap and the other courier-imap.</FONT>
</P>
<P><FONT SIZE=2>The only thing significant I've done is doing an apt-get update</FONT>
<BR><FONT SIZE=2>yesterday on one, and a few days ago on another. Trying to update it now</FONT>
<BR><FONT SIZE=2>doesn't find anything new.</FONT>
</P>
<P><FONT SIZE=2>Am I the only one getting this? It would seem to point at PAM, I'm not</FONT>
<BR><FONT SIZE=2>getting anything in the logs, nor is sshd -ddd telling me anything's</FONT>
<BR><FONT SIZE=2>wrong. It just hangs. Probably a package broke in testing, but I'm</FONT>
<BR><FONT SIZE=2>concerned I got nailed by some worm. ;P</FONT>
</P>
<P><FONT SIZE=2>Its a pain in the ass to work on because I have to stand around in the</FONT>
<BR><FONT SIZE=2>living room for one box, and the other is 100 miles away. :P I'll have</FONT>
<BR><FONT SIZE=2>to try reverting packages to woody versions by hand or something.</FONT>
</P>
<P><FONT SIZE=2>This is what I get with -vvv, though after a while it seems to start</FONT>
<BR><FONT SIZE=2>just refusing connections, though sshd hasn't crashed or complained</FONT>
<BR><FONT SIZE=2>about anything.</FONT>
</P>
<P><FONT SIZE=2>$ ssh -vvv marvin</FONT>
<BR><FONT SIZE=2>OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f</FONT>
<BR><FONT SIZE=2>debug1: Reading configuration data /etc/ssh/ssh_config</FONT>
<BR><FONT SIZE=2>debug1: Applying options for *</FONT>
<BR><FONT SIZE=2>debug1: Rhosts Authentication disabled, originating port will not be</FONT>
<BR><FONT SIZE=2>trusted.</FONT>
<BR><FONT SIZE=2>debug1: ssh_connect: needpriv 0</FONT>
<BR><FONT SIZE=2>debug1: Connecting to marvin [192.168.0.1] port 22.</FONT>
<BR><FONT SIZE=2>debug1: Connection established.</FONT>
<BR><FONT SIZE=2>debug1: identity file /home/seg/.ssh/identity type -1</FONT>
<BR><FONT SIZE=2>debug1: identity file /home/seg/.ssh/id_rsa type -1</FONT>
<BR><FONT SIZE=2>debug1: identity file /home/seg/.ssh/id_dsa type -1</FONT>
<BR><FONT SIZE=2>debug1: Remote protocol version 1.99, remote software version</FONT>
<BR><FONT SIZE=2>OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3</FONT>
<BR><FONT SIZE=2>debug1: match: OpenSSH_3.6.1p2 Debian 1:3.6.1p2-3 pat OpenSSH*</FONT>
<BR><FONT SIZE=2>debug1: Enabling compatibility mode for protocol 2.0</FONT>
<BR><FONT SIZE=2>debug1: Local version string SSH-2.0-OpenSSH_3.5p1</FONT>
<BR><FONT SIZE=2>debug1: SSH2_MSG_KEXINIT sent</FONT>
<BR><FONT SIZE=2>debug1: SSH2_MSG_KEXINIT received</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: none,zlib</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: none,zlib</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: first_kex_follows 0</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: reserved 0</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: ssh-rsa,ssh-dss</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: none,zlib</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: none,zlib</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit:</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: first_kex_follows 0</FONT>
<BR><FONT SIZE=2>debug2: kex_parse_kexinit: reserved 0</FONT>
<BR><FONT SIZE=2>debug2: mac_init: found hmac-md5</FONT>
<BR><FONT SIZE=2>debug1: kex: server->client aes128-cbc hmac-md5 none</FONT>
<BR><FONT SIZE=2>debug2: mac_init: found hmac-md5</FONT>
<BR><FONT SIZE=2>debug1: kex: client->server aes128-cbc hmac-md5 none</FONT>
<BR><FONT SIZE=2>debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent</FONT>
<BR><FONT SIZE=2>debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP</FONT>
<BR><FONT SIZE=2>debug1: dh_gen_key: priv key bits set: 129/256</FONT>
<BR><FONT SIZE=2>debug1: bits set: 1618/3191</FONT>
<BR><FONT SIZE=2>debug1: SSH2_MSG_KEX_DH_GEX_INIT sent</FONT>
<BR><FONT SIZE=2>debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY</FONT>
<BR><FONT SIZE=2>debug3: check_host_in_hostfile: filename /home/seg/.ssh/known_hosts</FONT>
<BR><FONT SIZE=2>debug3: check_host_in_hostfile: match line 1</FONT>
<BR><FONT SIZE=2>debug3: check_host_in_hostfile: filename /home/seg/.ssh/known_hosts</FONT>
<BR><FONT SIZE=2>debug3: check_host_in_hostfile: match line 1</FONT>
<BR><FONT SIZE=2>debug1: Host 'marvin' is known and matches the RSA host key.</FONT>
<BR><FONT SIZE=2>debug1: Found key in /home/seg/.ssh/known_hosts:1</FONT>
<BR><FONT SIZE=2>debug1: bits set: 1629/3191</FONT>
<BR><FONT SIZE=2>debug1: ssh_rsa_verify: signature correct</FONT>
<BR><FONT SIZE=2>debug1: kex_derive_keys</FONT>
<BR><FONT SIZE=2>debug1: newkeys: mode 1</FONT>
<BR><FONT SIZE=2>debug1: SSH2_MSG_NEWKEYS sent</FONT>
<BR><FONT SIZE=2>debug1: waiting for SSH2_MSG_NEWKEYS</FONT>
<BR><FONT SIZE=2>debug1: newkeys: mode 0</FONT>
<BR><FONT SIZE=2>debug1: SSH2_MSG_NEWKEYS received</FONT>
<BR><FONT SIZE=2>debug1: done: ssh_kex2.</FONT>
<BR><FONT SIZE=2>debug1: send SSH2_MSG_SERVICE_REQUEST</FONT>
<BR><FONT SIZE=2>debug1: service_accept: ssh-userauth</FONT>
<BR><FONT SIZE=2>debug1: got SSH2_MSG_SERVICE_ACCEPT</FONT>
</P>
<P><FONT SIZE=2>It just hangs forever here.</FONT>
</P>
</BODY>
</HTML>