Re: sshd signal 11 on -current
- Reply: Mark Millard : "Re: sshd signal 11 on -current"
- In reply to: Paul Mather : "Re: sshd signal 11 on -current"
Date: Thu, 18 Jan 2024 17:32:48 UTC
On Thu, Jan 18, 2024 at 09:45:51AM -0500, Paul Mather wrote:
> On 17 Jan 2024, at 8:51 pm, bob prohaska <fbsd@www.zefox.net> wrote:
> >
> > I'm not sure which MAC (as in ethernet MAC) is being referred
> > to. Might a different kind of MAC exist, unrelated to ethernet?
>
> If this error is from SSH then it is likely unrelated to Ethernet. It likely refers to Message Authentication Code (MAC), which is used to ensure data integrity. See man ssh_config(5) for details.

That puts a very different light on the problem. On ns2.zefox.net, the host at the server end of the failed ssh connections, running

bob@ns2:~ % ssh -Q mac
hmac-sha1
hmac-sha1-96
hmac-sha2-256
hmac-sha2-512
hmac-md5
hmac-md5-96
umac-64@openssh.com
umac-128@openssh.com
hmac-sha1-etm@openssh.com
hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com
hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com
hmac-md5-96-etm@openssh.com
umac-64-etm@openssh.com
umac-128-etm@openssh.com
bob@ns2:~ %

At the same time, there was a typo (mine!) in /etc/ssh/sshd_conf,

MACs -*etm@openssh.co

introduced when adding the workaround in CVE-2023-48795. The error has been corrected and ns2.zefox.net rebooted.

But, no difference in behavior. Here's the transcript, taken from my Raspberry Pi4 workstation:

bob@raspberrypi:~ $ ssh ns2.zefox.net
Password for bob@ns2.zefox.net:
Last login: Thu Jan 18 08:36:07 2024
FreeBSD 12.4-STABLE r373269 GENERIC

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories:   https://www.FreeBSD.org/security/
FreeBSD Handbook:      https://www.FreeBSD.org/handbook/
FreeBSD FAQ:           https://www.FreeBSD.org/faq/
Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/
FreeBSD Forums:        https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

Edit /etc/motd to change this login announcement.
You can use /etc/make.conf to control the options used to compile software
on this system. Example entries are in /usr/share/examples/etc/make.conf and in make.conf(5).
For options that are set for building FreeBSD's kernel and its world, see
src.conf(5).
bob@ns2:~ % grep -i ssh /var/log/messages
Jan 1 00:38:20 ns2 sshd[8068]: error: Fssh_kex_exchange_identification: Connection closed by remote host
Jan 1 01:04:47 ns2 sshd[8182]: error: Fssh_kex_exchange_identification: Connection closed by remote host
Jan 1 01:49:21 ns2 sshd[8242]: error: PAM: Authentication error for illegal user info from 185.11.61.234
Jan 1 02:19:41 ns2 sshd[8292]: error: PAM: Authentication error for illegal user cromados from 85.209.11.226
Jan 1 02:26:04 ns2 sshd[8308]: error: Fssh_kex_exchange_identification: Connection closed by remote host
Corrupted MAC on input.
ssh_dispatch_run_fatal: Connection to 50.1.20.30 port 22: message authentication code incorrect
bob@raspberrypi:~ $

It does seem likely I've been barking up the wrong tree, but the new tree I picked is still wrong and there are several.

A web search discovered an old (2016) thread which reports:
"I got this problem to go away by disabling AVB/EAV mode on the advanced settings for the Ethernet adapter on the Mac (under Big Sur)."
That suggests an Ethernet problem IIUC.

Any other suggestions are welcome!

Thanks for writing,

bob prohaska
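
Added example, not part of the original message and not OpenSSH code: a check that every pattern in a MACs removal list matches at least one name from the ssh -Q mac output quoted above, so a mistyped pattern such as the one in the message is reported. The function name unmatched_patterns is hypothetical, the sample list is copied from the message, and shell glob matching is assumed to be close enough to OpenSSH's wildcard matching for these names.

```shell
#!/bin/sh
# Constructed sample: the MAC names printed by `ssh -Q mac` in the message.
# On a live host, use SUPPORTED_MACS=$(ssh -Q mac) instead.
SUPPORTED_MACS='hmac-sha1 hmac-sha1-96 hmac-sha2-256 hmac-sha2-512
hmac-md5 hmac-md5-96 umac-64@openssh.com umac-128@openssh.com
hmac-sha1-etm@openssh.com hmac-sha1-96-etm@openssh.com
hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com
hmac-md5-etm@openssh.com hmac-md5-96-etm@openssh.com
umac-64-etm@openssh.com umac-128-etm@openssh.com'

# unmatched_patterns <MACs value> <whitespace-separated supported names>
# Prints every comma-separated pattern that matches no supported name.
# Runs in a subshell so the IFS and noglob changes do not leak out.
unmatched_patterns() (
    spec=${1#[-+^]}          # drop a leading list modifier, if any
    supported=$2
    default_ifs=$IFS
    set -f                   # keep "*" in patterns from expanding to file names
    IFS=,
    for pat in $spec; do
        IFS=$default_ifs
        hit=0
        for name in $supported; do
            # Unquoted $pat is used as a glob pattern here.
            case $name in $pat) hit=1; break ;; esac
        done
        [ "$hit" -eq 1 ] || printf '%s\n' "$pat"
    done
)

# Compare the mistyped value from the message with the corrected spelling.
for spec in '-*etm@openssh.co' '-*etm@openssh.com'; do
    bad=$(unmatched_patterns "$spec" "$SUPPORTED_MACS")
    echo "MACs $spec : ${bad:+matches nothing: $bad}${bad:-every pattern matches}" |
        sed 's/: matches nothing: \(.*\)\1$/: matches nothing: \1/'
done
```

A pattern reported here removes nothing from the list it is applied to, so the etm MACs stay in the offered set.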