#122599 ssh: Listen on multiple ports when misconfigured / bad logging

Package:
ssh
Source:
openssh
Submitter:
Ecki
Date:
2005-07-18 04:09:28 UTC
Severity:
normal
#122599#5
Date:
2001-12-05 20:46:50 UTC
From:
To:
Hello,

I encounterd something strange after I misconfigured the sshd-Daemon.

First the setup:

My Pc has only the ip-Address 192.168.11.1, but I somehow was confused and
entered the following into sshd_config:

ListenAddress 192.168.11.2
ListenAddress 192.168.11.1
ListenAddress 192.168.11.3

and

LogLevel DEBUG

I strace the sshd with following results:

23878 bind(4, {sin_family=AF_INET, sin_port=htons(22),
sin_addr=inet_addr("192.168.11.3")}}, 16) = -1 EADDRNOTAVAIL (Cannot
assign requested address)

23878 bind(5, {sin_family=AF_INET, sin_port=htons(22),
sin_addr=inet_addr("192.168.11.1")}}, 16) = -1 EADDRNOTAVAIL (Cannot
assign requested address)

23878 bind(6, {sin_family=AF_INET, sin_port=htons(22),
sin_addr=inet_addr("192.168.11.2")}}, 16) = 0

This resulted in the sshd listening on the port 22, but *also* on two higher
ports on the same machine, somehow random.

The logging give false information that the sshd listens on the two wrong
interfaces on port 22, I don't know if this is really a bug, but it is sure to
confuse me.

Dec  2 14:13:54 Kampfkoloss sshd[23878]: debug: Bind to port 22 on
192.168.11.3.
Dec  2 14:13:54 Kampfkoloss sshd[23878]: Server listening on
192.168.11.3 port 22.
Dec  2 14:13:54 Kampfkoloss sshd[23878]: debug: Bind to port 22 on
192.168.11.1.
Dec  2 14:13:54 Kampfkoloss sshd[23878]: Server listening on
192.168.11.1 port 22.
Dec  2 14:13:54 Kampfkoloss sshd[23878]: debug: Bind to port 22 on
192.168.11.2.
Dec  2 14:13:54 Kampfkoloss sshd[23878]: Server listening on
192.168.11.2 port 22.
Dec  2 14:13:54 Kampfkoloss sshd[23878]: Generating 768 bit RSA key

How it comes, that the sshd has bound on the two higher ports remains unclear
for me, but it think it is not aproblem of the sshd.

CU,
SEcki
-- System Information
Debian Release: 2.2
Kernel Version: Linux Kampfkoloss 2.2.17 #1 Sat Oct 20 13:02:18 CEST 2001 i586 unknown

Versions of the packages ssh depends on:
ii  libc6          2.1.3-19       GNU C Library: Shared libraries and Timezone
ii  libpam-modules 0.72-9         Pluggable Authentication Modules for PAM
ii  libpam0g       0.72-9         Pluggable Authentication Modules library
ii  libssl09       0.9.4-5        SSL shared libraries
ii  libwrap0       7.6-4          Wietse Venema's TCP wrappers library
ii  zlib1g         1.1.3-5        compression library - runtime
	^^^ (Provides virtual package libz1)
--- Begin /etc/ssh/sshd_config (modified conffile)
Port 22
ListenAddress 192.168.11.2
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
#
IgnoreRhosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
KeepAlive yes
SyslogFacility AUTH
LogLevel VERBOSE
RhostsAuthentication no
#
RhostsRSAAuthentication no
#
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords yes
UseLogin no
PrintMotd no
PrintLastLog no
CheckMail no

--- End /etc/ssh/sshd_config



--- Begin /etc/pam.d/ssh (modified conffile)
auth       required     pam_nologin.so nullok
auth       required     pam_unix.so
auth       required     pam_env.so # [1]
account    required     pam_unix.so nullok
session    required     pam_unix.so nullok
session    optional     pam_lastlog.so # [1]
session    optional     pam_motd.so # [1]
session    optional     pam_mail.so standard # [1]
password   required     pam_unix.so nullok
#



--- End /etc/pam.d/ssh