Is this a SSH bug in Beta4

billm

Hi

Can someone test this :

SSH to pfsense,
Then, when you see the pfsense menu, press CTRL-C.
What will happen then ?, For me, it disconnet my SSH session now.

I can't duplicate this. Ctrl-C certainly leaves the menu in an odd state, requiring another ctrl-c, but it doesn't disconnect me.


*** Welcome to pfSense RELENG_1_SNAPSHOT_04-08-2006-embedded on nexcom ***

  WAN*                     ->   fxp0    ->      70.88.79.145
  LAN*                     ->   fxp1    ->      192.168.1.1
  OPT1(WIRELESS)*          ->   fxp2    ->      192.168.2.1

 pfSense console setup
***********************
 0)  Logout (SSH only)
 1)  Assign Interfaces
 2)  Set LAN IP address
 3)  Reset webGUI password
 4)  Reset to factory defaults
 5)  Reboot system
 6)  Halt system
 7)  Ping host
 8)  Shell
 9)  PFtop
10)  Filter Logs
11)  Restart webConfigurator

Enter an option: ^C
^C

 pfSense console setup
***********************
 0)  Logout (SSH only)
 1)  Assign Interfaces
 2)  Set LAN IP address
 3)  Reset webGUI password
 4)  Reset to factory defaults
 5)  Reboot system
 6)  Halt system
 7)  Ping host
 8)  Shell
 9)  PFtop
10)  Filter Logs
11)  Restart webConfigurator

Enter an option:

–Bill

hoba

I can duplicate this with putty and beta4a embedded. However, the disconnect only happens while viewing the shellmenu. If you exited from that with option 8 already it doesn't.

nima.m

Exactly that Hoba, thanks a lot.

This didn't happend with older versions.

nima.m

Is there anyway I can disable keyboard-interactive in sshd and only have normal password ?
I though if I put these line inside /etc/ssh/sshd_config, it would work, but it dosn't :

challengeresponseauthentication no
kbdinteractiveauthentication no

I also restarted the sshd deamon by using this command, but still keyboard-interactive is enabled :

/etc/rc.d/sshd restart

nima.m

I found the problem with CTRL-C

Look at the file /ect/rc.initial line 32
In BETA4, Scott has comment the following rows :

make sure the user can't kill us by pressing Ctrl-C,

ctrl-z, etc.

#trap : 2
#trap : 3
#trap : 4

The question is Why ?

sullrich

They where active before. So exactly what is your findings?

nima.m

they are not active anymore, not in BETA4 anyway :-)

http://cvstrac.pfsense.com/filediff?f=pfSense/etc/rc.initial&v1=1.77&v2=1.78

Can I uncomment those row in my router without breaking anything ?

sullrich

Try it. If it fixes the problem I will restore the behavior. I was trying to track down the blasted no controlling terminal bug.

nima.m

Yapp. this fixed the problem.
Now I can press CTRL-C wiithout the session get killed.

Scott, By the way, can you help me littel for my personal configuration,
If I want to activate telnetd in freebsd, I should do the following :

1.Append the following row to /etc/inetd.conf :
telnet stream tcp nowait root /usr/libexec/telnetd telnetd

2.Append the following line to /etc/rc.conf :
inetd_enable="YES"

3.restart telnetd by running this command :
/etc/rc.d/inetd restart

But how do I do this in pfsense ?

sullrich

We do not use the rc.d init system so this is not possible. You'll need to start it by hand from a /usr/local/etc/rc.d/ script.