Bug 1228234

Summary: SSH Client crashes with option GSSAPIKeyExchange enabled
Product: [openSUSE] openSUSE Distribution Reporter: Alexander Luedtke <luedtke>
Component: OtherAssignee: E-mail List <screening-team-bugs>
Status: NEW --- QA Contact: E-mail List <qa-bugs>
Severity: Major    
Priority: P5 - None    
Version: Leap 15.6   
Target Milestone: ---   
Hardware: x86-64   
OS: SUSE Other   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Luedtke 2024-07-23 08:05:54 UTC 
Hello everyone,

I updated 15.5 to 15.6 some days ago after that I noticed that ssh connection doesnt work anymore.

I as I found out, as long as  GSSAPIKeyExchange option is on the ssh client crashes.

Versions on System:
opnessh 9.6p1 - 150600.6.9.1
openssh-clients 9.6p1 - 150600.6.9.1

Debug Info of SSH Session:
OpenSSH_9.6p1, OpenSSL 3.1.4 24 Oct 2023
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug2: resolving "XXXXX" port 22
debug3: resolve_host: lookup files:22
debug3: channel_clear_timeouts: clearing
debug3: ssh_connect_direct: entering
debug1: Connecting to files [X.X.X.X] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: Connection established.
debug1: Local version string SSH-2.0-OpenSSH_9.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4
debug1: compat_banner: match: OpenSSH_8.4 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to XXXX:22 as 'USER'
debug3: Trying to reverse map address X.X.X.X.
debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-eipGX3TCiQSrx573bT1o1Q==,gss-group14-sha1-eipGX3TCiQSrx573bT1o1Q==
Speicherzugriffsfehler (Speicherabzug geschrieben)


Workaround:
If you turn off GSSAPIKeyExchange in /etc/ssh/ssh_config (or else you turned it on) everything works fine (even with Kerberos)