We help IT Professionals succeed at work.

SSH Segmentation Fault

Len45
Len45 asked
on
I have an older machine still running Fedora Core 2 -- used only as a ssh access point for my servers.  Last week I started getting a segmetation fault when I try to ssh using an normal personal account.  If I su to root and ssh from there the remote server complains a bit, but I do not get the segmentation fault.  Based on another question I did check messages and found the following the -TERM failed is for my account

Jan 28 11:26:03 serverx sshd: sshd -TERM failed
Jan 28 11:26:03 serverx sshd: /etc/ssh/sshd_config: Permission denied
Jan 28 11:26:03 serverx sshd:  failed
Jan 28 11:26:11 serverx  su(pam_unix)[3016]: session opened for user root by herb(uid=xxx)
Jan 28 11:26:19 serverx sshd: sshd -TERM succeeded
Jan 28 11:26:19 serverx sshd:  succeeded
Comment
Watch Question

BRONZE EXPERT
Top Expert 2004

Commented:
IIRC, sshd_confid should have 644 permissions.  As root:


$> chmod 644 /etc/ssh/sshd_config

Open in new window

Top Expert 2005

Commented:
sshd_config should not be readable by all.
It looks like sshd is not runinng as root, but another user.
I suppose Your ssh was compromised (the binary was overwritten but some rootkit or similar)

Start from reinstalling openssh from validated source (download rpm from fedora repositories), restart and verify.
If it worked, scan Your system for rootkits.
BRONZE EXPERT
Top Expert 2004

Commented:
Are you sure sshd_config should not be world readable?  After your response, I took a look around to verify, and the links I found indicate it should have permissions of 644.  Can you provide links/information on the proper config?

From my current server, hosted by RackSpace:
[user@mybox:/etc/ssh]
$> ls *_config
-rw-r--r--  1 root root 1.4K Aug  8 08:47 ssh_config
-rw-r--r--  1 root root 3.0K Oct  8 15:54 sshd_config

Open in new window

Top Expert 2005
Commented:
From mine boxes (FC), which work fine
-rw-r--r--  1 root root   1387 wrz 13  2005 ssh_config
-rw-------  1 root root   2999 wrz 27  2005 sshd_config
BRONZE EXPERT
Top Expert 2004
Commented:
The official word from the man page (http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config):

FILES
     /etc/ssh/sshd_config
             Contains configuration data for sshd(8).  This file should be
             writable by root only, but it is recommended (though not neces-
             sary) that it be world-readable.

I guess the real question is if changing the permissions to world-readable will resolve this issue.  Only a test will tell.  How did you come to the conclusion that sshd was running as a user other than root?

Author

Commented:
I changed permissions, and no change -- going to upgrade the system.  

Author

Commented:
One thing I did not include in my original message.  First, this has just started over the last week or so.  And I access the machine from a windoze workstation via secureCRT