[Bug 281882] Re: ssh hangs in initial handshaking when using IPv6

[Mike Bordignon]

Update: it works if I change the cipher (to blowfish, in this instance).
Doesn't work using aes128.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/281882

Title:
  ssh hangs in initial handshaking when using IPv6

Status in “openssh” package in Ubuntu:
  Confirmed

Bug description:
  ssh hangs in initial handshaking when using IPv6 to connect with a
  NetBSD 4.0 ssh server. I tried NetBSD on i386 and amd64.

  Here is the output from ssh -v when it fails: (I censored the IPv6
  address)

  rhialto at glicca:~$ ssh -v radl
  OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007
  debug1: Reading configuration data /etc/ssh/ssh_config
  debug1: Applying options for *
  debug1: Connecting to radl [2001:xxxx:xxxx::1] port 22.
  debug1: Connection established.
  debug1: identity file /home/rhialto/.ssh/identity type -1
  debug1: identity file /home/rhialto/.ssh/id_rsa type -1
  debug1: identity file /home/rhialto/.ssh/id_dsa type -1
  debug1: Remote protocol version 2.0, remote software version OpenSSH_4.4 NetBSD_Secure_Shell-20061114
  debug1: match: OpenSSH_4.4 NetBSD_Secure_Shell-20061114 pat OpenSSH*
  debug1: Enabling compatibility mode for protocol 2.0
  debug1: Local version string SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
  debug1: SSH2_MSG_KEXINIT sent

  and here it hangs, until the other side times out.
  When using IPv4 it works fine.

  strace shows that ssh hangs in a select() call:
  ....
  read(3, "u", 1)                         = 1
  read(3, "r", 1)                         = 1
  read(3, "e", 1)                         = 1
  read(3, "_", 1)                         = 1
  read(3, "S", 1)                         = 1
  read(3, "h", 1)                         = 1
  read(3, "e", 1)                         = 1
  read(3, "l", 1)                         = 1
  read(3, "l", 1)                         = 1
  read(3, "-", 1)                         = 1
  read(3, "2", 1)                         = 1
  read(3, "0", 1)                         = 1
  read(3, "0", 1)                         = 1
  read(3, "6", 1)                         = 1
  read(3, "1", 1)                         = 1
  read(3, "1", 1)                         = 1
  read(3, "1", 1)                         = 1
  read(3, "4", 1)                         = 1
  read(3, "\n", 1)                        = 1
  write(3, "SSH-2.0-OpenSSH_4.7p1 Debian-8ub"..., 40) = 40
  fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR)
  fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
  write(3, "\0\0\3\24\10\24\264\267\3426\226\\6\254\305\267H\265QT"..., 792) = 792
  select(4, [3], NULL, NULL, NULL

  It is apparently an Ubuntu 8.04.1-specific problem, since some other people I polled on a #netbsd irc channel reported that they could repeat the problem on Ubuntu-based machines but the problem did not occur for other Linux distributions. I'm using eeebuntu on an Eee 901 which is based on 8.04.01.
  I found a xubuntu 8.04 live cd which does not show the problem so probably the problem is quite specific.

  rhialto at glicca:~$ lsb_release -rd
  Description:	Ubuntu 8.04.1
  Release:	8.04
  rhialto at glicca:~$ apt-cache policy ssh
  ssh:
    Installed: (none)
    Candidate: 1:4.7p1-8ubuntu1.2
    Version table:
       1:4.7p1-8ubuntu1.2 0
          500 http://nl.archive.ubuntu.com hardy-updates/main Packages
          500 http://security.ubuntu.com hardy-security/main Packages
       1:4.7p1-8ubuntu1 0
          500 http://nl.archive.ubuntu.com hardy/main Packages

  hm, does that think I don't have ssh installed? I wonder which ssh I am then supposed to be using...
  It does claim to be "OpenSSH_4.7p1 Debian-8ubuntu1.2, OpenSSL 0.9.8g 19 Oct 2007"

  I expect the ssh client to continue after SSH2_MSG_KEXINIT, like when
  using IPv4.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/281882/+subscriptions