Re: sshd sandbox failure
On Wednesday, February 5, 2014 1:51:51 AM UTC-6, Dimitry Andric wrote:
> On 04 Feb 2014, at 10:08, Vladimir Sharun <sharun@ukr.net> wrote:
>
> > Seems it must be in UPDATING or even in the buildworld: without capsicum framework support no ssh access to the server anymore.
>
> >
>
> > I step in the same problem this weekend, thank to the IPMI on the home testebed I figured out what's the cause.
>
> >>
>
> >> Since the openssh update in recent -CURRENT, I get these in my
>
> >> auth.log until I disable sandbox UsePrivilegeSeparation in sshd_config.
>
> >>
>
> >> Feb 3 10:02:14 firewall1 sshd[90062]: fatal: ssh_sandbox_child: failed to limit the network socket [preauth]
>
> >>
>
> >> Is there something that I missed during the update?
>
>
>
> This was an oversight fixed by Pawel in r261499. Pawel, maybe you can
>
> add a special note to UPDATING for it?
>
>
>
> -Dimitry
I am having problems with a rebuild world to r262601. When I try to ssh into the node, errors: "Connection closed by xxx.xxx.xxx.xxx" and on the FreeBSD server, the console prints: "fail: ssh_sandbox_child failed to limit network socket: [preauth]"
I have commented out UsePrivilegeSeparation sandbox
with #, in my sshd_config file (the default when I updated) and then deleted # (enabled) in front of UsePrivilegeSeparation sandbox
and I get the same error. What am I missing with the new:
SSH-2.0-OpenSSH_6.5_hpn13v11 FreeBSD-20140130 ?
I will gladly post my entire sshd_config file if you request. I am not doing anything special, just trying to get to login over the net.
Thank you - Mike
討論串 (同標題文章)
完整討論串 (本文為第 5 之 5 篇):