After a recent big update to OpenSuSE Tumbleweed, I could not ssh into my system any more.
The ssh client side would report a
Read from socket failed: Connection reset by peer which I misinterpreted as the sshd not running at all.
Luckily the server is a VM, so I could reach the console. There I saw this:
The files should not be loaded as they are not specified in the sshd_config file:
So I knew something was broken. After reading some messages in the forums.opensuse.org I got at Bug 977812 – sshd killed by SIGSYS on client connection
As usual with such issues the cause seems a combination of factors:
And we have the culprit, I believe: together with the glibc upgrade, openssl
was updated from 1.0.2g-1.1 to 1.0.2-2.12 which brought, among others, patch
A temporary fix is to comment out a line in
/etc/sshd_config so you get this diff:
-UsePrivilegeSeparation sandbox # Default for new installations.
+# UsePrivilegeSeparation sandbox # Default for new installations.
Be sure to undo this as soon as you’ve received a final fix.
I will report after deployment of [opensuse-factory] New Tumbleweed snapshot 20160502 released! as I think it contains the fix.
I already knew about openQA: Test summary which lists the builds, but not the changes in the builds.
It had both the announcement of the “big patch”, ssh bug report and temporary fix:
- [opensuse-factory] New Tumbleweed snapshot 20160422 released!
- [opensuse-factory] lost ssh from 13.1 server, Re:New Tumbleweed snapshot
- [opensuse-factory] SOLVED: lost ssh from 13.1 server, Re:New Tumbleweed