SSH (Secure Shell)

hanging problems with sshd openssh 5.[12]

View: New views
1 Messages — Rating Filter:   Alert me  

hanging problems with sshd openssh 5.[12]

by Jeff Voskamp :: Rate this Message:

Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message

We have built the last few versions of openssh for Solaris using the
following config.

  ./configure
  --prefix=/software/ssh-openssh-5.2
  --with-kerberos5=/software/krb5-1.6  --without-kerberos4
  --without-egd-pool  --without-prngd-port  --without-prngd-socket
  --disable-etc-default-login
  --with-entropy-timeout=200  --with-rand-helper
  --with-pam  --with-random=/dev/random

5.0 worked fine, but 5.1 and 5.2 sshd seems to hang when people do a
paste of more than about 1k under vim.
We've also had some problems with 5.1 and 5.2 with a few programs that
start up a remote program and chat with them - we get both sides waiting
for the other to respond.
They all work fine with rsh or ssh as long as sshd isn't 5.1 or later.

Has anyone seen something like this?

Sample ssh_config and sshd_config file attached.

Jeff Voskamp
javoskam@...

---snip sshd_config ---
# we're not using ipV6, but solaris offers it anyway (in all cases)
AddressFamily INET
Port 22
Protocol 2
ListenAddress 0.0.0.0

IgnoreRhosts yes
RhostsRSAAuthentication no

IgnoreUserKnownHosts no

X11Forwarding yes
X11UseLocalhost yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes

Subsystem    sftp    /software/ssh/maintenance/sftp-server

# to be pulled from previous incarnations and stashed above
# these are the defaults in case they weren't previously mentioned.
UsePam yes
StrictModes yes
PermitRootLogin no

HostbasedAuthentication yes
PubkeyAuthentication yes
GSSAPIAuthentication yes

PasswordAuthentication yes
PermitEmptyPasswords no

ChallengeResponseAuthentication yes

UsePrivilegeSeparation yes

---snip ssh_config ---
# Site-wide defaults for various options

Host *
    Port 22
    Protocol 2

    RSAAuthentication no
    RhostsRSAAuthentication no
    ChallengeResponseAuthentication yes

    PasswordAuthentication yes
    HostBasedAuthentication yes
    PreferredAuthentications
hostbased,publickey,keyboard-interactive,password

    ForwardAgent no
    ForwardX11 yes
    ForwardX11Trusted yes

    UsePrivilegedPort no
    CheckHostIP yes
EnableSSHKeysign yes
Free embeddable forum powered by Nabble Forum Help