Bug 447680 - hostbased authentication fails with "cannot get sockname for fd" (ssh-keysign)
hostbased authentication fails with "cannot get sockname for fd" (ssh-keysign)
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: openssh (Show other bugs)
9
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-05-21 01:12 EDT by Andrew Schultz
Modified: 2008-06-11 00:36 EDT (History)
0 users

See Also:
Fixed In Version: 5.0p1-3.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-06-11 00:36:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Andrew Schultz 2008-05-21 01:12:16 EDT
Description of problem:
After upgrading to Fedora9, I get the following whenever I try to connect to a
server (which supports hostbased authentication), I get:

cannot get sockname for fd
ssh_keysign: no reply
key_sign failed

hostbased authentication fails.  Adding some print statements to the source, it
seems that getsockname (called from get_socket_address) fails with EBADF (it
thinks the socket is bogus).  "setenforce 0" didn't help.

Version-Release number of selected component (if applicable):
5.0p1-1.fc9

How reproducible:
always

Steps to Reproduce:
1. ssh host (remote host needs to support hostbased auth)
  
Actual results:
hostbased auth fails

Expected results:
hostbased auth works
Comment 1 Fedora Update System 2008-05-21 05:16:15 EDT
openssh-5.0p1-3.fc9 has been submitted as an update for Fedora 9
Comment 2 Tomas Mraz 2008-05-21 06:24:13 EDT
Can you please test the update from testing updates?
Comment 3 Andrew Schultz 2008-05-21 10:09:42 EDT
yum isn't finding an update from the updates-testing repo.  I'm not seeing a new
openssh package in
ftp://download.fedora.redhat.com/pub/fedora/linux/updates/testing/9/i386/
Does it take a while for the package to make it up?
Comment 4 Tomas Mraz 2008-05-21 10:18:39 EDT
Yes, the update has not yet been pushed into the repository, hopefully later
this day or tomorrow. You can find it in koji.fedoraproject.org. You'll also
have to update pam from the last F9 build as well.
Comment 5 Andrew Schultz 2008-05-21 10:50:36 EDT
OK, I grabbed the packages from koji.  This bug seems to be gone with the new
packages.

Thanks.
Comment 6 Fedora Update System 2008-05-22 16:37:44 EDT
openssh-5.0p1-3.fc9 has been pushed to the Fedora 9 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update openssh'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-4356
Comment 7 Fedora Update System 2008-06-11 00:36:17 EDT
openssh-5.0p1-3.fc9 has been pushed to the Fedora 9 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.