Ticket #718 (closed enhancement: fixed)

Opened 12 years ago

Last modified 2 years ago

dropbear does not reliably return exit status to client

Reported by: hns@… Owned by: mickeyl
Priority: high Milestone:
Component: Applications & Dependencies Version: unspecified
Severity: minor Keywords:
Cc: buglog@… Blocked By:
Blocking: Estimated Completion (week):
HasPatchForReview: PatchReviewResult:
Reproducible:

Description

dropbear does not reliably return exit status to client.

Change History

comment:1 Changed 12 years ago by stefan@…

  • Status changed from new to closed
  • Resolution set to invalid

Why do you mean this is an OpenMoko? bug? We have no specific patches for busybox
for OpenMoko?.

This sounds more like an upstream bug.

If you think I'm wrong just reopen the bug.

comment:2 Changed 12 years ago by hns@…

  • Status changed from closed to reopened
  • Resolution invalid deleted

Well, it is simply a bug I have seen the first time on using the OpenMoko?, and I need it to be solved for the
OpenMoko?.

I don't know and can't verify if it is a general bug of DropBear? or whatever.

Maybe the solution for OpenMoko? would be to switch to OpenSSH.

comment:3 Changed 12 years ago by hns@…

I have now tried on an Acer n30 with Letux Linux. There, it appears to work.

I have also contacted the maintainer of Dropbear (Matt Johnston) and sent him a system call trace
(strace).

What I noticed: if dropbear runs under control of strace it is quite difficult to get the bug. Only if I write
the log to a RAM disk.

So it might be a mixture of a race condition bug in Dropbear, processor/kernel speed and I/O activity.

--- how it looks like ---

MacBook?-hns:~ hns$ ssh -l root 192.168.0.202 false ; echo $?
root@192.168.0.202's password:
255
MacBook?-hns:~ hns$ ssh -l root 192.168.0.202 true ; echo $?
root@192.168.0.202's password:
0
MacBook?-hns:~ hns$ ssh -l root 192.168.0.202 true ; echo $?
root@192.168.0.202's password:
255
MacBook?-hns:~ hns$ ssh -l root 192.168.0.202 true ; echo $?
root@192.168.0.202's password:
255
MacBook?-hns:~ hns$

--- two runs using debug mode - the first is ok, the second one fails ---

MacBook?-hns:~ hns$ ssh -vvv -l root 192.168.0.202 true; echo $?
OpenSSH_4.5p1, OpenSSL 0.9.7l 28 Sep 2006
debug1: Reading configuration data /Users/hns/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.0.202 [192.168.0.202] port 22.
debug1: Connection established.
debug1: identity file /Users/hns/.ssh/identity type -1
debug3: Not a RSA1 key file /Users/hns/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /Users/hns/.ssh/id_rsa type 1
debug1: identity file /Users/hns/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.49
debug1: no match: dropbear_0.49
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5
debug2: fd 3 setting O_NONBLOCK
debug1: An invalid name was supplied
Cannot determine realm for numeric host address

debug1: An invalid name was supplied
Cannot determine realm for numeric host address

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-
sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@…,aes128-
ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@…,aes128-
ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
ripemd160@…,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
ripemd160@…,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@…,zlib
debug2: kex_parse_kexinit: none,zlib@…,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-
cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-
cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: zlib,none
debug2: kex_parse_kexinit: zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: dh_gen_key: priv key bits set: 129/256
debug2: bits set: 527/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: check_host_in_hostfile: filename /Users/hns/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 7
debug1: Host '192.168.0.202' is known and matches the RSA host key.
debug1: Found key in /Users/hns/.ssh/known_hosts:7
debug2: bits set: 523/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/hns/.ssh/identity (0x0)
debug2: key: /Users/hns/.ssh/id_rsa (0x301120)
debug2: key: /Users/hns/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/hns/.ssh/identity
debug3: no such identity: /Users/hns/.ssh/identity
debug1: Offering public key: /Users/hns/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/hns/.ssh/id_dsa
debug3: no such identity: /Users/hns/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@192.168.0.202's password:
debug3: packet_send2: adding 64 (len 49 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: true
debug2: channel 0: request exec confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 8000 rmax 8000
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed

* note this mesage *
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0

debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:

#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)

debug3: channel 0: close_fds r -1 w -1 e 6 c -1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status 0
0
MacBook?-hns:~ hns$ ssh -vvv -l root 192.168.0.202 true; echo $?
OpenSSH_4.5p1, OpenSSL 0.9.7l 28 Sep 2006
debug1: Reading configuration data /Users/hns/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.0.202 [192.168.0.202] port 22.
debug1: Connection established.
debug1: identity file /Users/hns/.ssh/identity type -1
debug3: Not a RSA1 key file /Users/hns/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /Users/hns/.ssh/id_rsa type 1
debug1: identity file /Users/hns/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version dropbear_0.49
debug1: no match: dropbear_0.49
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5
debug2: fd 3 setting O_NONBLOCK
debug1: An invalid name was supplied
Cannot determine realm for numeric host address

debug1: An invalid name was supplied
Cannot determine realm for numeric host address

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-
sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@…,aes128-
ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@…,aes128-
ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
ripemd160@…,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
ripemd160@…,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@…,zlib
debug2: kex_parse_kexinit: none,zlib@…,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-
cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-
cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: zlib,none
debug2: kex_parse_kexinit: zlib,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: dh_gen_key: priv key bits set: 114/256
debug2: bits set: 536/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: check_host_in_hostfile: filename /Users/hns/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 7
debug1: Host '192.168.0.202' is known and matches the RSA host key.
debug1: Found key in /Users/hns/.ssh/known_hosts:7
debug2: bits set: 501/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/hns/.ssh/identity (0x0)
debug2: key: /Users/hns/.ssh/id_rsa (0x301120)
debug2: key: /Users/hns/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/hns/.ssh/identity
debug3: no such identity: /Users/hns/.ssh/identity
debug1: Offering public key: /Users/hns/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/hns/.ssh/id_dsa
debug3: no such identity: /Users/hns/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@192.168.0.202's password:
debug3: packet_send2: adding 64 (len 49 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentication succeeded (password).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: true
debug2: channel 0: request exec confirm 0
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 8000 rmax 8000
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed

* note there is no exit status response mesage! *

debug2: channel 0: rcvd close
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:

#0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cfd -1)

debug3: channel 0: close_fds r -1 w -1 e 6 c -1
debug1: Transferred: stdin 0, stdout 0, stderr 0 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 0.0
debug1: Exit status -1
255
MacBook?-hns:~ hns$

comment:4 Changed 11 years ago by werner@…

Regarding #2: switching to OpenSSH was the solution we adopted in HXD8,
where we make extensive use of ssh/scp in the production process. Another
ugly "feature" of dropbear is that it sometimes wants the user to press
[Enter] even if we've set up access through authorized_keys.

comment:5 Changed 11 years ago by mickey@…

  • Status changed from reopened to new
  • Severity changed from critical to enhancement

OpenSSH adds a lot of stuff to the file system. We don't have GigaBytes? of flash
on the Neo. Reflagging as enhancement since it's not an OpenMoko? bug per se, but
we would like to see it fixed anyways.

comment:6 Changed 11 years ago by roh

  • Owner changed from mickey@… to mickeyl

comment:7 Changed 11 years ago by mickeyl

  • Status changed from new to closed
  • Resolution set to fixed

Should be fixed with dropbear 0.5x.

comment:8 Changed 2 years ago by Kennescoma

Pain Pills Without A Prescription <a href=http://kama1.xyz/where-can-i-buy-kamagra.php>Where Can I Buy Kamagra</a> Keflex With Probenecid Isotretinoin Free Shipping <a href=http://antabuse.ccrpdc.com/antabuse-pills.php>Antabuse Pills</a> Prix Cialis Tunisie Zithromax Injection <a href=http://cial1.xyz/cheap-cialis-40mg.php>Cheap Cialis 40mg</a> Cialis Y La Disfuncion Erectil The Canadian Medstore No Percription <a href=http://cial1.xyz/cheap-cialis-online.php>Cheap Cialis Online</a> Kamagra Oral Jelly Utilisation Propecia En Medicamentos <a href=http://cial1.xyz/cialis-order.php>Cialis Order</a> No Prescription Needed

Note: See TracTickets for help on using tickets.