OpenSSH 3.3p1 / SuSE 7.3 / no login possible
Hello list,

I know there are many threads about the actual OpenSSH and the upcoming problems. But I think my problem has not been discussed here before.

After updating a SuSE 7.3 to OpenSSH 3.3.p1 no ssh login is possible, not as root and not as normal user. The password is always rejected. I think that it may be a problem with PAM, but I'm not experienced enough to be sure. After some time of trying I deinstalled 3.3 and reinstalled 2.9p2 from SuSE 7.3 CDs. Now login works again.

These are some messages that I got while debugging and they may be interesting:

pleasure:/ # ./sshd -d
debug1: sshd version OpenSSH_3.3
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: Bind to port 80 on ::.
Server listening on :: port 80.
--- now I try to connect ---
debug1: Server will not fork when running in debugging mode.
Connection from ::ffff:217.82.228.190 port 33275
debug1: Client protocol version 2.0; client software version OpenSSH_3.3
debug1: match: OpenSSH_3.3 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.3
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 134/256
debug1: bits set: 1604/3191
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1608/3191
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user root service ssh-connection method none
debug1: attempt 0 failures 0
debug1: Starting up PAM with username "root"
debug1: PAM setting rhost to "pd952e4be.dip.t-dialin.net"
Failed none for root from ::ffff:217.82.228.190 port 33275 ssh2
Failed none for root from ::ffff:217.82.228.190 port 33275 ssh2
debug1: userauth-request for user root service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=root devs=
debug1: kbdint_alloc: devices ''
Failed keyboard-interactive for root from ::ffff:217.82.228.190 port 33275 ssh2
debug1: userauth-request for user root service ssh-connection method password
debug1: attempt 2 failures 2
debug1: PAM Password authentication for "root" failed[7]: Authentication failure
Failed password for root from ::ffff:217.82.228.190 port 33275 ssh2
Failed password for root from ::ffff:217.82.228.190 port 33275 ssh2
debug1: userauth-request for user root service ssh-connection method password
debug1: attempt 3 failures 3
Failed password for root from ::ffff:217.82.228.190 port 33275 ssh2
Failed password for root from ::ffff:217.82.228.190 port 33275 ssh2
debug1: userauth-request for user root service ssh-connection method password
debug1: attempt 4 failures 4
Failed password for root from ::ffff:217.82.228.190 port 33275 ssh2
Failed password for root from ::ffff:217.82.228.190 port 33275 ssh2
Connection closed by ::ffff:217.82.228.190
debug1: Calling cleanup 0x806ec80(0x0)
debug1: Calling cleanup 0x8053dc0(0x0)
debug1: Calling cleanup 0x806ec80(0x0)

This is my PAM config (it's the SuSE default):

#%PAM-1.0
auth required pam_unix.so # set_secrpc
auth required pam_nologin.so
auth required pam_env.so
account required pam_unix.so
password required pam_pwcheck.so
password required pam_unix.so use_first_pass use_authtok
session required pam_unix.so none # trace or debug
session required pam_limits.so

Does anyone see what's wrong? Any ideas how to solve this or what to try?

Thank you very much!
Thomas

On Tuesday 25 June 2002 23:13, Thomas Reitelbach wrote:
> Hello list,
> i know there are many threads about the actual OpenSSH and the upcoming problems. But i think my problem has not been discussed here before.
> [snip]

I'm sorry to have sent this to the list... it was a problem with MD5 passwords :-/
shame on me!
Thomas

Hello list,
I have the same problem but no answer.
My config: SuSE 7.3 / OpenSSH 3.3p1 / MD5-pass
Only Protocol-2 with RSA-Auth is working.
What is the problem? MD5 or PAM?
Please Help....
Mario

-----Original Message-----
From: Thomas Reitelbach [mailto:tr@troficent.de]
Sent: Tuesday, June 25, 2002 11:28 PM
To: suse-security@suse.com
Subject: Re: [suse-security] OpenSSH 3.3p1 / SuSE 7.3 / no login possible
On Tuesday 25 June 2002 23:13, Thomas Reitelbach wrote:
Hello list,
i know there are many threads about the actual OpenSSH and the upcoming problems. But i think my problem has not been discussed here before.
[snip]
I'm sorry to have sent this to the list... it was a problem with MD5 passwords :-/
shame on me!
Thomas

----- Original Message -----
From: "M. Neubert"
> Hello list, i have the same problem but no answer.
> My config: SuSE 7.3 / OpenSSH 3.3p1 / MD5-pass Only Protocol-2 with RSA-Auth is working.
> What is the problem? MD5 or PAM?

This is my first post to the list, prompted by the OpenSSH 3.3p1 update. I'd
like to thank the SuSE team for securing the system - specifically disabling
ssh access via keyboard authentication.
I have the same problem, namely md5 passwords on SuSE 7.3 and can no longer
get keyboard authentication to work, after disabling compression and
privilege separation.
I sympathise with the pressure the team is under day to day, but can we have
a bit more testing next time, please guys? At least make the 2.9.9p2-98
patch available until there is an updated version that authenticates
properly (I believe the OpenSSH team is moving for a security fix version by
Monday, rather than one which merely coincidentally closes the hole?)
I'm surprised at the haste with which this update was released - especially
considering the vague nature of security concerns raised.
Dave
Alfar Networks

Hey Guys,
Ease up... SuSE is doing what they can. The blame goes to Theo for not
divulging the actual exploit... (even to the vendors.) If you read the
release notes on the new version of SSH, you will find that this version
isn't really ready for prime time. There is quite a list of "known
problems" with it, including the PAM breakage that many people are
experiencing.
Now, I am sure that Theo and ISS have a good reason for not divulging
the exploit... and even though it goes against the grain of "open
source" philosophy, I'd rather they not announce it until a *REAL* fix
has been produced. Especially since I have so many exposed machines in
different places.
- Herman

* Dave (dave@alfar.co.uk) [020625 22:22]:
::
::I have the same problem, namely md5 passwords on SuSE 7.3 and can no longer
::get keyboard authentication to work, after disabling compression and
::privilege separation.
::
::I sympathise with the pressure the team is under day to day, but can we have
::a bit more testing next time, please guys? At least make the 2.9.9p2-98
::patch available until there is an updated version that authenticates
::properly (I believe the OpenSSH team is moving for a security fix version by
::Monday, rather than one which merely coincidentally closes the hole?)
::
::I'm surprised at the haste with which this update was released - especially
::considering the vague nature of security concerns raised.
Well, I would suggest going to have a look at the OpenBSD or OpenSSH
sites. There were several discussions on the net over the last few days
in which they (not SuSE) stated that the md5 and PAM support was still a
bit 1/2 baked with 3.3p1. As for a vague nature..blame Theo and the
OpenBSD team for this. They didn't give any more information than "If
you don't use privsep and 3.3p1 there is a "remote root exploit".
*shrug* I would blame SuSE..how can one test what one doesn't have
knowledge of. They could only comply with what the OpenBSD/SSH team said
publicly. It's a quickfix for a problem that was thought to be a serious
one. Sometimes I think this is why SuSE did a damn fine job putting
together a fix that works for most people. When the bug and true fix are
released by the OpenBSD/SSH team I am sure SuSE will jump on it quickly.
If you want to go back to 3.2.3 and not run privsep..you are free to do
so..no one's twisting your arm ..except maybe a script kiddie who gets
into your system because you didn't use the best fix that could be
provided at the time. ;)
-=Ben
--=====-----=====--
mailto:ben@whack.org
--=====--
Tell me what you believe..I tell you what you should see. -DP
--=====-----=====--

* Ben Rosenberg wrote on Tue, Jun 25, 2002 at 22:31 -0700:
> * Dave (dave@alfar.co.uk) [020625 22:22]:
> ::I'm surprised at the haste with which this update was released - especially
> ::considering the vague nature of security concerns raised.
[...]
> bit 1/2 baked with 3.3p1. As for a vague nature..blame Theo and the
> OpenBSD team for this. They didn't give any more information than "If
> you don't use privsep and 3.3p1 there is a "remote root exploit".
> *shrug* I would blame SuSE..

Well, exactly. I think the whole story is horrible and makes me
angry. First, you have to use an experimental feature, which is
known to cause many problems and on many architectures, and
second, this update doesn't even solve the remote exploit! It
just reduces its impacts. Well, anything is guessed, since Theo
didn't tell details.

> together a fix that works for most people. When the bug and true fix are
> released by the OpenBSD/SSH team I am sure SuSE will jump on it quickly.

Well, and maybe disabling those experimental security split mode,
getting back the functionality. Well, and you'll have to upgrade
next week in any case again...

> so..no one's twisting your arm ..except maybe a script kiddie who gets
> into your system because you didn't use the best fix that could be
> provided at the time. ;)

In this mode, the kiddie intrusion cracks a chroot jail with and
some user==sshd or such. Well, I don't like that at all. Maybe
they forgot an open directory file descriptor :) Surely the 2nd
exploit from somewhere would use that...
The thing that makes me nervous: since ssh had issues recently,
the script kiddies have nice hostlist that are running ssh. Well,
let's hope none of them read the flash worm articles and
implemented that, since this issue maybe a really nice start.
Even if it doesn't look like a zero day exploit, it may turn in
fact to a minus-one-week-exploit, since maybe the script kiddies
finished a work skeleton... I don't like to think about that,
huh...
oki,
Steffen
--
This letter was generated by machine,
it therefore bears neither signature nor seal.

Ben,
thanks for your friendly words!
On Tue, Jun 25, 2002 at 10:31:09PM -0700, Ben Rosenberg wrote:
> It's a quickfix for a problem that was thought to be a serious one.

This is indeed what it is. The entire thing is a band-aid, and
I'm not very proud of it.
For the record, we were notified of this vulnerability on Monday
afternoon (and I didn't learn that you have to go to 3.3 _and_
enable privilege separation until after I had built RPMs for all
suse platforms :)
So yes, you can say we released this update in a bit of a rush,
and it doesn't quite live up to what you're used to. For that I
apologize. The alternative however would have been leaving all
of you without a patch; and the prospect of someone releasing
anytime that would root all your boxes out there isn't a
very entertaining one. I am sure you will agree.
We will investigate the issue with MD5 passwords. This is probably just
another manifestation of a general problem with PAM and privsep, which
is that keyboard-interactive mode isn't working properly.
For the time being, I recommend not using MD5 passwords. Either
fall back to normal crypt passwords for the moment, or use
publickey authentication with a good pass phrase on the private
key.
Given the problems with 3.3p1, expect another patch as soon as
3.4 is available and we've had some time to test everything
more thoroughly than this time.
Cheers
Olaf
--
Olaf Kirch | Anyone who has had to work with X.509 has probably
okir@suse.de | experienced what can best be described as
---------------+ ISO water torture. -- Peter Gutmann

Olaf Kirch wrote:
> For the record, we were notified of this vulnerability on Monday
> afternoon (and I didn't learn that you have to go to 3.3 _and_
> enable privilege separation until after I had built RPMs for all
> suse platforms :)

Speaking of all platforms - yeah, I know you didn't say versions :):
The Suse-Advisory yesterday mentioned RPMs for 6.4 (which I am stuck with at
the moment at least on two servers). I know about problems with older
PAM-Versions and Kernel 2.2.x, but seeing that there are patches for 7.0
(which also seems to have 2.2.x, at least here), I'm wondering if I could go
with these. Or did anyone have success with compiling OpenSSH on their own?
Another question: What do I break if I use the RPMs for 7.0 on SuSE
Mailserver II? It seems to require an update of openssl, which at least
sslwrap uses, which seems to be needed for at least imaps. Any hints?
Ralph

Hi there,
just one thing, you at SuSE did a great job to me.
I agree about your vision of security problems, first close the gate ,
second make the gate really secure.
About the MD5 problem, well..none is perfect that's a prob that is giving
some prob to the real writers of openSSH code.
So? Shall we get upset with SuSE guys for this?
NO WAY!
Thanks for your great job.
bye all
Alberto

Ralph Angenendt wrote:
> Olaf Kirch wrote:
> > For the record, we were notified of this vulnerability on Monday
> > afternoon (and I didn't learn that you have to go to 3.3 _and_
> > enable privilege separation until after I had built RPMs for all
> > suse platforms :)
> Speaking of all platforms - yeah, I know you didn't say versions :):
> The Suse-Advisory yesterday mentioned RPMs for 6.4 (which I am stuck with at
> the moment at least on two servers). I know about problems with older
> PAM-Versions and Kernel 2.2.x, but seeing that there are patches for 7.0
> (which also seems to have 2.2.x, at least here), I'm wondering if I could go
> with these. Or did anyone have success with compiling OpenSSH on their own?

Well. Talking to myself doesn't probably state mental saneness, but ...
I compiled the 7.0 src-RPMs on a 6.4 box and installed the resulting RPM. If
having two sshd processes per login (one as root, one with my uid) means
privsep is working, you can use above mentioned source RPMs for 6.4.

> Another question: What do I break if I use the RPMs for 7.0 on SuSE
> Mailserver II? It seems to require an update of openssl, which at least
> sslwrap uses, which seems to be needed for at least imaps. Any hints?

As I didn't seem to need newer openssl-rpms on my 6.4 boxen, I assume this
will work as well if I use the source RPMs for this release also.
Ralph