SSH crashes on login while any RSA/DSA keys exist

jjinno · 04-09-2010, 04:44 PM

I have been trying to solve this issue for a while now, and have got nowhere...fast.

My company uses (as do many others) a common set of keys between the development machines. This has always seemed to work until recently... now the presence of any keys (server-side) causes the SSH server to crash, and the client immediately gets kicked.

The interesting part is that the ONLY clients who crash the server are the ones with the common keys. If you are an unknown host, then you are prompted with a login, and you can get in.

From the client you see this:

Code:

[root@localhost ~]# ssh localhost
Last login: Fri Apr  9 14:36:44 2010 from jjinno.foobar.local
Connection to localhost closed.

And from the server (the same box in this case) you see this:

Code:

Apr  9 14:37:59 cld10-2 kernel: sshd[19967]: segfault at 00000000000000f0 rip 00002b0bafc8d65b rsp 00007ffffd836c90 error 4

Now if all I do is move the public/private keys, I no longer segfault, and can get in...

Code:

[root@localhost ~]# mv .ssh/id_rsa ./
[root@localhost ~]# ssh localhost
root@localhost's password:
Last login: Fri Apr  9 14:37:59 2010 from localhost
Connection to localhost closed.
[root@localhost ~]# mv .ssh/id_rsa.pub ./
[root@localhost ~]# ssh localhost
root@localhost's password:
Last login: Fri Apr  9 14:40:39 2010 from localhost

But that kinda defeats the purpose of having password-less SSH...

Any ideas?

jjinno · 04-09-2010, 04:48 PM

Oh, and I have tried creating new keys:

Code:

[root@localhost ~]# ssh-keygen -t rsa -N "" -f /root/.ssh/id_rsa
Generating public/private rsa key pair.
Your identification has been saved in /root/.ssh/id_rsa.
Your public key has been saved in /root/.ssh/id_rsa.pub.
The key fingerprint is:
7a:cc:68:c1:88:b3:c3:84:6e:8c:1c:a1:75:78:8c:4e root@localhost
[root@localhost ~]# ssh localhost
root@localhost's password:
Last login: Fri Apr  9 14:40:55 2010 from localhost
Connection to localhost closed.
[root@localhost ~]# cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys2
[root@localhost ~]# ssh localhost
Last login: Fri Apr  9 14:46:21 2010 from localhost
Connection to localhost closed.

You can see that it does know the difference between passwordless and non... but the fact that it has to read the keys at all causes the crash.

smoker · 04-09-2010, 07:38 PM

Whenever I used ssh keys they had to be saved in .ssh/authorizedkeys2 but you have to make sure the permissions are correct (600)
Maybe it enforces that now after an update ?
Why are you testing this from localhost ?
Isn't that pointless ?
Maybe someones added a list of acceptable IP addresses and 127.0.0.1 isn't in the list ?