Received: (at submit) by bugs.debian.org; 5 Dec 2001 20:54:50 +0000
From Eckhard.Maass@gmx.net Wed Dec 05 14:54:50 2001
Return-path:
Received: from mail.gmx.net [213.165.64.20]
	by master.debian.org with smtp (Exim 3.12 1 (Debian))
	id 16Bj46-0001am-00; Wed, 05 Dec 2001 14:54:50 -0600
Received: (qmail 22727 invoked by uid 0); 5 Dec 2001 20:54:18 -0000
Received: from pd951d0db.dip.t-dialin.net (HELO Kampfkoloss) (217.81.208.219)
	by mail.gmx.net (mp015-rz3) with SMTP; 5 Dec 2001 20:54:18 -0000
Received: from kampfklo by Kampfkoloss with local (Exim 3.12 #1 (Debian))
	id 16Bj3Z-0004o2-00
	for ; Wed, 05 Dec 2001 21:54:17 +0100
Date: Wed, 5 Dec 2001 21:54:16 +0100
From: Eckhard Sebastian Maass
To: submit@bugs.debian.org
Subject: ssh: Listen on multiple ports when misconfigured / bad logging
Message-ID: <20011205215416.A18460@ID-85207.user.dfncis.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
Delivered-To: submit@bugs.debian.org

Package: ssh
Version: 1:1.2.3-9.3
Severity: normal

Hello,

I encountered something strange after I misconfigured the sshd daemon.
First the setup: my PC has only the IP address 192.168.11.1, but I
somehow was confused and entered the following into sshd_config:

ListenAddress 192.168.11.2
ListenAddress 192.168.11.1
ListenAddress 192.168.11.3

and

LogLevel DEBUG

I straced the sshd, with the following results:

23878 bind(4, {sin_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("192.168.11.3")}}, 16) = -1 EADDRNOTAVAIL (Cannot assign requested address)
23878 bind(5, {sin_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("192.168.11.1")}}, 16) = -1 EADDRNOTAVAIL (Cannot assign requested address)
23878 bind(6, {sin_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("192.168.11.2")}}, 16) = 0

This resulted in the sshd listening on port 22, but *also* on two
higher ports on the same machine, somehow random.

The logging gives false information that the sshd listens on the two
wrong interfaces on port 22. I don't know if this is really a bug, but
it is sure to confuse me.

Dec 2 14:13:54 Kampfkoloss sshd[23878]: debug: Bind to port 22 on 192.168.11.3.
Dec 2 14:13:54 Kampfkoloss sshd[23878]: Server listening on 192.168.11.3 port 22.
Dec 2 14:13:54 Kampfkoloss sshd[23878]: debug: Bind to port 22 on 192.168.11.1.
Dec 2 14:13:54 Kampfkoloss sshd[23878]: Server listening on 192.168.11.1 port 22.
Dec 2 14:13:54 Kampfkoloss sshd[23878]: debug: Bind to port 22 on 192.168.11.2.
Dec 2 14:13:54 Kampfkoloss sshd[23878]: Server listening on 192.168.11.2 port 22.
Dec 2 14:13:54 Kampfkoloss sshd[23878]: Generating 768 bit RSA key

How it comes that the sshd has bound to the two higher ports remains
unclear to me, but I think it is not a problem of the sshd.

CU,
SEcki

-- System Information
Debian Release: 2.2
Kernel Version: Linux Kampfkoloss 2.2.17 #1 Sat Oct 20 13:02:18 CEST 2001 i586 unknown

Versions of the packages ssh depends on:
ii  libc6           2.1.3-19  GNU C Library: Shared libraries and Timezone
ii  libpam-modules  0.72-9    Pluggable Authentication Modules for PAM
ii  libpam0g        0.72-9    Pluggable Authentication Modules library
ii  libssl09        0.9.4-5   SSL shared libraries
ii  libwrap0        7.6-4     Wietse Venema's TCP wrappers library
ii  zlib1g          1.1.3-5   compression library - runtime
	^^^ (Provides virtual package libz1)

--- Begin /etc/ssh/sshd_config (modified conffile)
Port 22
ListenAddress 192.168.11.2
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
#
IgnoreRhosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
KeepAlive yes
SyslogFacility AUTH
LogLevel VERBOSE
RhostsAuthentication no
#
RhostsRSAAuthentication no
#
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
UseLogin no
PrintMotd no
PrintLastLog no
CheckMail no
--- End /etc/ssh/sshd_config

--- Begin /etc/pam.d/ssh (modified conffile)
auth required pam_nologin.so nullok
auth required pam_unix.so
auth required pam_env.so # [1]
account required pam_unix.so nullok
session required pam_unix.so nullok
session optional pam_lastlog.so # [1]
session optional pam_motd.so # [1]
session optional pam_mail.so standard # [1]
password required pam_unix.so nullok #
--- End /etc/pam.d/ssh
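
The strace output in the report shows bind() failing with EADDRNOTAVAIL while the log still says "Server listening". The C program below is an added example, not part of the original report and not code from the ssh package: on Linux, calling listen() on a TCP socket whose bind() failed makes the kernel auto-bind it to an ephemeral port, which would account for the extra high ports if sshd ignored the bind() result (an assumption; the report does not show sshd's source). ABSENT_ADDR, WANT_PORT and the function names are constructed for illustration.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* Constructed sample values: 192.0.2.1 (TEST-NET-1) is assumed not to be
 * configured on this host; 2222 stands in for port 22 so no root is needed. */
#define ABSENT_ADDR "192.0.2.1"
#define WANT_PORT 2222

/* bind() fd to addr:port; returns 0 on success, otherwise the errno. */
static int try_bind(int fd, const char *addr, int port) {
    struct sockaddr_in sa = { .sin_family = AF_INET,
                              .sin_port = htons((unsigned short)port) };
    if (inet_pton(AF_INET, addr, &sa.sin_addr) != 1) return EINVAL;
    return bind(fd, (struct sockaddr *)&sa, sizeof sa) == 0 ? 0 : errno;
}

/* Unchecked pattern: bind() result is recorded but not acted on. */
int listen_unchecked(const char *addr, int port, int *bind_errno) {
    struct sockaddr_in got;
    socklen_t len = sizeof got;
    int actual = -1, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    *bind_errno = try_bind(fd, addr, port);
    if (listen(fd, 5) == 0 && getsockname(fd, (struct sockaddr *)&got, &len) == 0)
        actual = ntohs(got.sin_port);   /* kernel-chosen port after auto-bind */
    close(fd);
    return actual;                      /* port really listened on, or -1 */
}

/* Checked pattern: a listening fd only if bind() and listen() both succeed. */
int listen_checked(const char *addr, int port) {
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    if (try_bind(fd, addr, port) != 0 || listen(fd, 5) != 0) {
        close(fd);   /* nothing is left listening, nothing should be logged */
        return -1;
    }
    return fd;
}

int main(void) {
    int e = 0, p = listen_unchecked(ABSENT_ADDR, WANT_PORT, &e);
    printf("bind: %s; unchecked port: %d; checked fd: %d\n", strerror(e), p,
           listen_checked(ABSENT_ADDR, WANT_PORT));
    return 0;
}
```

A "listening on" log line is only trustworthy if it is emitted after both calls have succeeded, ideally with the address read back from getsockname().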