Bug
Resolution: Unresolved
Major
rhel-9.4
rhel-sst-idm-ipa
ssg_idm
2024-Q3-Bravo-S1
x86_64
What were you trying to do that didn't work?
running ssh localhost inside a container
Please provide the package NVR for which bug is seen:
openssh-clients-8.7p1-38.el9.x86_64
How reproducible: always
Steps to reproduce
- enable gssapi support on the host's ssh server
- build a minimal ubi9 container with openssh-clients
- run this command: ssh -o StrictHostKeyChecking=no localhost
Expected results
ssh connection to the local host
Actual results
core dump
Here's a container def for apptainer:
BootStrap: docker
OSVersion: 9.0
From: registry.access.redhat.com/ubi9/ubi:latest

%post
    dnf install -y openssh-clients
This is the error:
# ssh -o StrictHostKeyChecking=no -v -v -v localhost
OpenSSH_8.7p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /afs/ifh.de/user/w/waschk/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 55: Including file /etc/ssh/ssh_config.d/50-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug2: checking match for 'final all' host localhost originally localhost
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 3: not matched 'final'
debug2: match not found
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 5: Including file /etc/crypto-policies/back-ends/openssh.config depth 1 (parse only)
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: [gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]
debug3: kex names ok: [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /afs/ifh.de/user/w/waschk/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 55: Including file /etc/ssh/ssh_config.d/50-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug2: checking match for 'final all' host localhost originally localhost
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 3: matched 'final'
debug2: match found
debug3: /etc/ssh/ssh_config.d/50-redhat.conf line 5: Including file /etc/crypto-policies/back-ends/openssh.config depth 1
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: [gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]
debug3: kex names ok: [curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/afs/ifh.de/user/w/waschk/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/afs/ifh.de/user/w/waschk/.ssh/known_hosts2'
debug2: resolving "localhost" port 22
debug3: ssh_connect_direct: entering
debug1: Connecting to localhost [127.0.0.1] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_rsa type 0
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_rsa-cert type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_dsa type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_dsa-cert type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ecdsa type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ecdsa-cert type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ecdsa_sk type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ed25519 type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ed25519-cert type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ed25519_sk type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_xmss type -1
debug1: identity file /afs/ifh.de/user/w/waschk/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.7
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.7
debug1: compat_banner: match: OpenSSH_8.7 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to localhost:22 as 'waschk'
debug3: record_hostkey: found key type RSA in file /afs/ifh.de/user/w/waschk/.ssh/known_hosts:750
debug3: load_hostkeys_file: loaded 1 keys from localhost
debug1: load_hostkeys: fopen /afs/ifh.de/user/w/waschk/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug3: order_hostkeyalgs: prefer hostkeyalgs: rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ext-info-c,kex-strict-c-v00@openssh.com
debug2: host key algorithms: rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,sk-ssh-ed25519-cert-v01@openssh.com,sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com
debug2: ciphers ctos: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
debug2: ciphers stoc: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: gss-curve25519-sha256-toWM5Slw5Ew8Mqkay+al2g==,gss-nistp256-sha256-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha256-toWM5Slw5Ew8Mqkay+al2g==,gss-group16-sha512-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,kex-strict-s-v00@openssh.com
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ssh-ed25519
debug2: ciphers ctos: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
debug2: ciphers stoc: aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes256-ctr,aes128-gcm@openssh.com,aes128-ctr
debug2: MACs ctos: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
debug2: MACs stoc: hmac-sha2-256-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha2-256,hmac-sha1,umac-128@openssh.com,hmac-sha2-512
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug3: kex_choose_conf: will use strict KEX ordering
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: aes256-gcm@openssh.com MAC: <implicit> compression: none
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug1: kex: curve25519-sha256 need=32 dh_need=32
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-rsa SHA256:CGK4fEgai58lHqIGFNhIEiSLyQFITBxBbzGcot7YNHU
debug3: record_hostkey: found key type RSA in file /afs/ifh.de/user/w/waschk/.ssh/known_hosts:750
debug3: load_hostkeys_file: loaded 1 keys from localhost
debug1: load_hostkeys: fopen /afs/ifh.de/user/w/waschk/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:CGK4fEgai58lHqIGFNhIEiSLyQFITBxBbzGcot7YNHU.
Please contact your system administrator.
Add correct host key in /afs/ifh.de/user/w/waschk/.ssh/known_hosts to get rid of this message.
Offending RSA key in /afs/ifh.de/user/w/waschk/.ssh/known_hosts:750
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid man-in-the-middle attacks.
UpdateHostkeys is disabled because the host key is not trusted.
debug3: send packet: type 21
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug2: set_newkeys: mode 1
debug1: rekey out after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 4294967296 blocks
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_rsa RSA SHA256:OvLsmJ1U03SgAIDvmm0YAlmIcnQLbQV7bz+CzmJwvRc
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_dsa
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_ecdsa
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_ecdsa_sk
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_ed25519
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_ed25519_sk
debug1: Will attempt key: /afs/ifh.de/user/w/waschk/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug3: preferred gssapi-with-mic,publickey
debug3: authmethod_lookup gssapi-with-mic
debug3: remaining preferred: publickey
debug3: authmethod_is_enabled gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
Segmentation fault (core dumped)
Here's the gdb output:
program received signal SIGSEGV, Segmentation fault.
0x00007ffff7709791 in krb5int_open_plugin_dirs ( dirnames=dirnames@entry=0x7ffff7808fb0 <objdirs>, filebases=filebases@entry=0x0, dirhandle=dirhandle@entry=0x55555568bd58, ep=ep@entry=0x55555568bd88) at /usr/src/debug/krb5-1.21.1-1.el9.x86_64/src/util/support/plugins.c:425
Downloading source file /usr/src/debug/krb5-1.21.1-1.el9.x86_64/src/util/support/plugins.c...
425 for (j = 0; !err && fnames[j] != NULL; j++) {
(gdb) bt
#0 0x00007ffff7709791 in krb5int_open_plugin_dirs ( dirnames=dirnames@entry=0x7ffff7808fb0 <objdirs>, filebases=filebases@entry=0x0, dirhandle=dirhandle@entry=0x55555568bd58, ep=ep@entry=0x55555568bd88) at /usr/src/debug/krb5-1.21.1-1.el9.x86_64/src/util/support/plugins.c:425
#1 0x00007ffff77aa6c4 in module_locate_server (transport=TCP_OR_UDP, svc=locate_service_kdc, serverlist=0x7fffffffc320, realm=0x7fffffffc4e0, ctx=0x55555568bcf0) at os/locate_kdc.c:406
#2 locate_server (context=context@entry=0x55555568bcf0, realm=realm@entry=0x7fffffffc4e0, serverlist=serverlist@entry=0x7fffffffc450, svc=locate_service_kdc, transport=TCP_OR_UDP) at os/locate_kdc.c:763
#3 0x00007ffff77ab07d in k5_locate_server ( context=context@entry=0x55555568bcf0, realm=realm@entry=0x7fffffffc4e0, serverlist=serverlist@entry=0x7fffffffc450, svc=<optimized out>, no_udp=<optimized out>) at os/locate_kdc.c:811
#4 0x00007ffff77ab15c in k5_locate_kdc (context=context@entry=0x55555568bcf0, realm=realm@entry=0x7fffffffc4e0, serverlist=serverlist@entry=0x7fffffffc450, get_primaries=<optimized out>, no_udp=<optimized out>) at os/locate_kdc.c:833
#5 0x00007ffff77ad0e4 in krb5_sendto_kdc (context=0x55555568bcf0, message=0x7fffffffc500, realm=0x7fffffffc4e0, reply_out=0x7fffffffc4f0, use_primary=0x7fffffffc4d8, no_udp=<optimized out>) at os/sendto_kdc.c:489
--Type <RET> for more, q to quit, c to continue without paging--
#6 0x00007ffff777cfcc in krb5_tkt_creds_get (context=0x55555568bcf0, ctx=0x55555568c180) at krb/get_creds.c:1232
#7 0x00007ffff77828fc in krb5_get_credentials ( context=context@entry=0x55555568bcf0, options=options@entry=0, ccache=0x55555568d1c0, in_creds=in_creds@entry=0x7fffffffc700, out_creds=out_creds@entry=0x7fffffffc5c8) at krb/get_creds.c:1339
#8 0x00007ffff7adcc2b in get_credentials ( context=context@entry=0x55555568bcf0, cred=cred@entry=0x55555568aed0, server=<optimized out>, now=1719399722, endtime=<optimized out>, out_creds=out_creds@entry=0x7fffffffc848) at krb5/init_sec_context.c:197
#9 0x00007ffff7ae9e52 in kg_new_connection (exts=0x7fffffffc970, context=<optimized out>, time_rec=0x0, ret_flags=0x0, output_token=0x7fffffffcb10, actual_mech_type=0x0, input_token=<optimized out>, input_chan_bindings=0x0, time_req=<optimized out>, req_flags=34, mech_type=0x7ffff7b05500 <krb5_gss_oid_array>, target_name=<optimized out>, context_handle=0x555555688600, cred=0x55555568aed0, minor_status=0x555555688844) at krb5/init_sec_context.c:578
#10 krb5_gss_init_sec_context_ext ( minor_status=minor_status@entry=0x555555688844, claimant_cred_handle=0x55555568aed0, claimant_cred_handle@entry=0x0, context_handle=context_handle@entry=0x555555688600,
--Type <RET> for more, q to quit, c to continue without paging--
target_name=<optimized out>, mech_type=0x7ffff7b05500 <krb5_gss_oid_array>, req_flags=<optimized out>, req_flags@entry=34, time_req=0, input_chan_bindings=0x0, input_token=0x0, actual_mech_type=0x0, output_token=0x7fffffffcb10, ret_flags=0x0, time_rec=0x0, exts=0x7fffffffc970) at krb5/init_sec_context.c:972
#11 0x00007ffff7aea874 in krb5_gss_init_sec_context ( minor_status=minor_status@entry=0x555555688844, claimant_cred_handle=claimant_cred_handle@entry=0x0, context_handle=context_handle@entry=0x555555688600, target_name=<optimized out>, mech_type=<optimized out>, req_flags=req_flags@entry=34, time_req=0, input_chan_bindings=0x0, input_token=0x0, actual_mech_type=0x0, output_token=0x7fffffffcb10, ret_flags=0x0, time_rec=0x0) at krb5/init_sec_context.c:1074
#12 0x00007ffff7acb530 in gss_init_sec_context ( minor_status=minor_status@entry=0x555555688844, claimant_cred_handle=<optimized out>, context_handle=context_handle@entry=0x555555688848, target_name=0x55555567b1c0, req_mech_type=<optimized out>, req_flags=34, time_req=0, input_chan_bindings=0x0, input_token=0x0, actual_mech_type=0x0, output_token=0x7fffffffcb10, ret_flags=0x0, time_rec=0x0) at mechglue/g_init_sec_context.c:211
#13 0x00005555555ad28e in ssh_gssapi_init_ctx (ctx=0x555555688840, deleg_creds=deleg_creds@entry=0, recv_tok=recv_tok@entry=0x0,
--Type <RET> for more, q to quit, c to continue without paging--
send_tok=send_tok@entry=0x7fffffffcb10, flags=flags@entry=0x0) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/gss-genr.c:395
#14 0x00005555555ad7e2 in ssh_gssapi_check_mechanism (ctx=0x7fffffffcb68, oid=<optimized out>, host=<optimized out>, client=<optimized out>) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/gss-genr.c:522
#15 0x0000555555578b0d in userauth_gssapi (ssh=0x55555566b580) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/sshconnect2.c:904
#16 0x0000555555582fa7 in userauth (ssh=ssh@entry=0x55555566b580, authlist=<optimized out>) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/sshconnect2.c:658
#17 0x00005555555833ff in input_userauth_failure (type=<optimized out>, seq=<optimized out>, ssh=0x55555566b580) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/sshconnect2.c:754
#18 0x00005555555aa31e in ssh_dispatch_run (done=0x7fffffffce08, mode=0, ssh=0x55555566b580) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/dispatch.c:113
#19 ssh_dispatch_run_fatal (ssh=0x55555566b580, mode=0, done=0x7fffffffce08) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/dispatch.c:133
#20 0x00005555555648f9 in ssh_userauth2 ( sensitive=0x555555626fa0 <sensitive_data>, host=<optimized out>, server_user=<optimized out>, local_user=<optimized out>, ssh=<optimized out>) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/sshconnect2.c:579
--Type <RET> for more, q to quit, c to continue without paging--
#21 ssh_login (pw=<optimized out>, pw=<optimized out>, sensitive=0x555555626fa0 <sensitive_data>, hostaddr=0x555555625780 <hostaddr>, cinfo=<optimized out>, timeout_ms=<optimized out>, port=<optimized out>, orighost=<optimized out>, ssh=<optimized out>) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/sshconnect.c:1566
#22 main (ac=<optimized out>, av=<optimized out>) at /usr/src/debug/openssh-8.7p1-38.el9.x86_64/ssh.c:1714
The solution is to install sssd-client but it shouldn't crash.