Maybe bug in openssh??

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
first i apologize for my bad english.
i use OpenSSH version 3.8.0 on my Trustix linux 2.1.
I use "UsePam yes" to enabling authentication via PAM.
I set "UsePrivilegeSeparation" to "yes".
First I try connecting to my linux box from Windows via Putty.
I get "login:" and on linux I see this in "ps -ax":
13834 ?        S      0:00 sshd: root [priv]
13835 ?        S      0:00 sshd: root [net]
13836 ?        S      0:00 sshd: root [pam]
Second i closing connection via "cross" in right top corner or "ALT +
Now i see this on my linux :
13834 ?        S      0:00 sshd: root [priv]
13835 ?        S      0:00 [sshd] <defunct>
13836 ?        S      0:00 sshd: root [pam]
When i try this about 10 times I see in my linux box this:
15013 ?        S      0:00 sshd: root [pam]
15436 ?        S      0:00 sshd: root [pam]
15440 ?        S      0:00 sshd: root [pam]
15485 ?        S      0:00 sshd: root [pam]
15488 ?        S      0:00 sshd: root [pam]
15491 ?        S      0:00 sshd: root [pam]
15535 ?        S      0:00 sshd: root [pam]
15538 ?        S      0:00 sshd: root [pam]
15540 ?        S      0:00 sshd: root [priv]
15541 ?        Z      0:00 [sshd] <defunct>
15542 ?        S      0:00 sshd: root [pam]
15584 ?        S      0:00 sshd: root [priv]
15585 ?        Z      0:00 [sshd] <defunct>
15586 ?        S      0:00 sshd: root [pam]
Now i can't connecting to linux a i get message
"ssh_exchange_identification: Connection closed by remote host"
I must kill this proceses.

When i try this with setting "UsePrivilegeSeparation" to "no" its
everything OK.
After closing  connection ssh exit and dying right.

Re: Maybe bug in openssh??

Quoted text here. Click to load it
Quoted text here. Click to load it

Yes, there is a bug in 3.8x where sshd would fail to clean up PAM
proceses in some cases.  This was fixed in 3.9p1 and some vendors (eg
Debian) have backported a fix to their 3.8x packages.

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline