[Solved] sshd error and segmentation fault

Wind8000 · 2023-12-23 06:09:45

Hello there,

I'm encountering an issue with sshd and would appreciate some assistance. When attempting to add any type of Match Block, such as:

Match address 172.72.15.0/24,172.72.16.10
    PermitRootLogin yes

the client connection is immediately terminated, and I'm seeing the following error in my logs:

Dez 23 06:16:08 archlinux sshd[941]: Connection from 172.72.15.10 port 60116 on 172.72.15.1 port 22 rdomain ""
Dez 23 06:16:08 archlinux kernel: sshd[941]: segfault at 0 ip 00005620a771bb3f sp 00007ffcf39d4b40 error 4 in sshd[5620a769a000+8c000] likely on CPU 3 (core 3, socket 0)
Dez 23 06:16:08 archlinux kernel: Code: d2 89 05 cc 81 05 00 45 8b 9e a8 05 00 00 45 85 db 0f 84 40 01 00 00 31 db 85 c0 74 23 66 0f 1f 44 00 00 48 8b 05 b9 81 05 00 <48> 8b 3c d8 48 83 c3 01 ff 15 53 6f 05 00 3b 1d 95 81 05 00 72 e3
Dez 23 06:16:08 archlinux systemd[1]: Started Process Core Dump (PID 943/UID 0).
Dez 23 06:16:08 archlinux systemd-coredump[944]: [?] Process 941 (sshd) of user 0 dumped core.
                                                   
                                                   Stack trace of thread 941:
                                                   #0  0x00005620a771bb3f n/a (sshd + 0x8cb3f)
                                                   #1  0x00005620a7716d32 n/a (sshd + 0x87d32)
                                                   #2  0x00005620a76ae511 n/a (sshd + 0x1f511)
                                                   #3  0x00005620a76c3033 n/a (sshd + 0x34033)
                                                   #4  0x00005620a76c83cf n/a (sshd + 0x393cf)
                                                   #5  0x00005620a769f6d2 n/a (sshd + 0x106d2)
                                                   #6  0x00005620a769cef4 n/a (sshd + 0xdef4)
                                                   #7  0x00007f0c370ffcd0 n/a (libc.so.6 + 0x27cd0)
                                                   #8  0x00007f0c370ffd8a __libc_start_main (libc.so.6 + 0x27d8a)
                                                   #9  0x00005620a769eff5 n/a (sshd + 0xfff5)
                                                   ELF object binary architecture: AMD x86-64
Dez 23 06:16:08 archlinux systemd[1]: systemd-coredump@3-943-0.service: Deactivated successfully.

Does anyone have ideas on how to resolve this issue? Your insights would be greatly appreciated!

Solution:

seth wrote:

Move the match to the end of the file, otherwise the subsystem would become part of it.

Last edited by Wind8000 (2023-12-23 09:37:42)

seth · 2023-12-23 07:20:00

https://wiki.archlinux.org/title/Debugg … Debuginfod

"Address" is supposed to be UpperCase and I'm not positive about the indention there
Is the match block at the end of the file and is there a trailing newline?
(Can you post the entire config?)

That being said, any of the above certainly should™ not crash sshd and it should™ handle this gracefully and tell you to fix your config…

Wind8000 · 2023-12-23 08:27:42

Here's my sshd_config file:

AuthorizedKeysFile	.ssh/authorized_keys

PermitRootLogin no

Match Address 172.72.15.0/24,172.72.16.10
	PermitRootLogin yes

Subsystem	sftp	/usr/lib/ssh/sftp-server

I've removed the comments from the config file. I've tested it with various configurations, including a single IP, an IP range, and other options such as

Match User username

I even experimented with different settings within the block, like:

Match Address 172.72.15.0/24,172.72.16.10
	X11Forwarding yes

However, despite these attempts, the issue persists.

seth · 2023-12-23 08:31:48

Move the match to the end of the file, otherwise the subsystem would become part of it.

frostschutz · 2023-12-23 08:46:45

Match blocks should be at end of file (so in your case, below Subsystem sftp line, not above it).

Even so, like seth already mentioned, Segfaults are not really a configuration issue, just a bug (or hardware issue). If you can reproduce segfaults in sshd with a given config, it should be reported as a bug...

Just in case, run a memtest and check file integrity of all packages (binaries, libraries, etc)?

Last edited by frostschutz (2023-12-23 08:48:16)

Wind8000 · 2023-12-23 08:50:05

That resolved it. I truly appreciate your help. I didn't expect the solution to be that simple.

seth · 2023-12-23 09:22:46

Please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.

Wind8000 · 2023-12-23 09:32:32

I reproduced the issue on both a virtual machine hosted by another PC and my laptop, both running Arch Linux. I will proceed to submit a bug report to address this issue.

And I will mark this as resolved.

Last edited by Wind8000 (2023-12-23 09:33:10)

WorMzy · 2023-12-23 11:26:02

Mod note: moving to network/server/protection.

Arch Linux

#1 2023-12-23 06:09:45

[Solved] sshd error and segmentation fault

#2 2023-12-23 07:20:00

Re: [Solved] sshd error and segmentation fault

#3 2023-12-23 08:27:42

Re: [Solved] sshd error and segmentation fault

#4 2023-12-23 08:31:48

Re: [Solved] sshd error and segmentation fault

#5 2023-12-23 08:46:45

Re: [Solved] sshd error and segmentation fault

#6 2023-12-23 08:50:05

Re: [Solved] sshd error and segmentation fault

#7 2023-12-23 09:22:46

Re: [Solved] sshd error and segmentation fault

#8 2023-12-23 09:32:32

Re: [Solved] sshd error and segmentation fault

#9 2023-12-23 11:26:02

Re: [Solved] sshd error and segmentation fault

Board footer