Description of problem:

$ ssh onuma
Segmentation fault

Version-Release number of selected component (if applicable):

openssh-5.9p1-14.fc17.x86_64
krb5-libs-1.10-0.fc17.alpha1.0.x86_64
glibc-2.14.90-20.fc17.x86_64

How reproducible:

100%

Steps to reproduce:

This only occurs when I set up a proxy command in .ssh/config which looks like this (real hostname and port are different):

Host onuma
    ProxyCommand ssh -T -o ForwardAgent=yes proxy nc %h %p

Host proxy
    Port 12345
    HostName proxy.example.com

Stack trace from gdb:

Program received signal SIGSEGV, Segmentation fault.
__strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32
32	movdqu	(%rdi), %xmm1
Missing separate debuginfos, use: debuginfo-install krb5-libs-1.10-0.fc17.alpha1.0.x86_64 libcom_err-1.42-0.7.WIP.1016.fc17.x86_64 nss-3.13.1-3.fc17.x86_64 nss-util-3.13.1-1.fc17.x86_64
(gdb) bt
#0  __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32
#1  0x00007ffff58b4a76 in __GI___strdup (s=0x4cd889e <Address 0x4cd889e out of bounds>) at strdup.c:42
#2  0x00007ffff609e5f9 in krb5_sname_to_principal () from /lib64/libkrb5.so.3
#3  0x00007ffff631a595 in ?? () from /lib64/libgssapi_krb5.so.2
#4  0x00007ffff630b1f5 in ?? () from /lib64/libgssapi_krb5.so.2
#5  0x00007ffff630c4c9 in gss_init_sec_context () from /lib64/libgssapi_krb5.so.2
#6  0x0000555555599afc in ssh_gssapi_init_ctx (ctx=0x5555557e51c0, deleg_creds=<optimized out>, recv_tok=0x0, send_tok=0x7fffffffb7c0, flags=0x0) at gss-genr.c:354
#7  0x0000555555599dfa in ssh_gssapi_check_mechanism (ctx=0x7fffffffb828, oid=<optimized out>, host=0x5555557dc3a0 "onuma", client=0x0) at gss-genr.c:478
#8  0x000055555556ddb1 in userauth_gssapi (authctxt=0x7fffffffb900) at sshconnect2.c:727
#9  0x000055555556f141 in userauth (authctxt=0x7fffffffb900, authlist=0x5555557e5140 "publickey,gssapi-keyex,gssapi-with-mic,password") at sshconnect2.c:526
#10 0x0000555555591e47 in dispatch_run (mode=0, done=0x7fffffffb928, ctxt=0x7fffffffb900) at dispatch.c:98
#11 0x000055555556ed9d in ssh_userauth2 (local_user=0x5555557dc3c0 "rjones", server_user=0x5555557dc450 "rjones", host=0x5555557dc3a0 "onuma", sensitive=0x5555557c18e0) at sshconnect2.c:490
#12 0x000055555556ab11 in ssh_login (sensitive=0x5555557c18e0, orighost=<optimized out>, hostaddr=0x5555557c1860, port=22, pw=<optimized out>, timeout_ms=-1000) at sshconnect.c:1178
#13 0x000055555555f39f in main (ac=<optimized out>, av=<optimized out>) at ssh.c:929
I updated to the latest krb5-libs from Rawhide and installed the krb5-libs debuginfo in order to resolve a few missing symbols from the above stack trace. Here is a more detailed stack trace:

Program received signal SIGSEGV, Segmentation fault.
__strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32
32	movdqu	(%rdi), %xmm1
Missing separate debuginfos, use: debuginfo-install libcom_err-1.42-0.7.WIP.1016.fc17.x86_64 nss-3.13.1-3.fc17.x86_64 nss-util-3.13.1-1.fc17.x86_64
(gdb) bt
#0  __strlen_sse2 () at ../sysdeps/x86_64/strlen.S:32
#1  0x00007ffff58b4a76 in __GI___strdup (s=0x4cd889e <Address 0x4cd889e out of bounds>) at strdup.c:42
#2  0x00007ffff609e5f9 in krb5_sname_to_principal (context=0x5555557e73e0, hostname=0x5555557e7a30 "onuma", sname=0x5555557e5180 "host", type=3, ret_princ=0x7fffffff9520) at sn2princ.c:115
#3  0x00007ffff631a595 in krb5_gss_import_name (minor_status=0x5555557e51c4, input_name_buffer=<optimized out>, input_name_type=<optimized out>, output_name=0x7fffffffb6e8) at import_name.c:162
#4  0x00007ffff630b1f5 in gssint_import_internal_name (minor_status=0x5555557e51c4, mech_type=0x5555557e7230, union_name=0x5555557e5110, internal_name=0x7fffffffb6e8) at g_glue.c:386
#5  0x00007ffff630c4c9 in gss_init_sec_context (minor_status=0x5555557e51c4, claimant_cred_handle=0x0, context_handle=0x5555557e51c8, target_name=0x5555557e5110, req_mech_type=<optimized out>, req_flags=<optimized out>, time_req=0, input_chan_bindings=0x0, input_token=0x0, actual_mech_type=0x0, output_token=0x7fffffffb7c0, ret_flags=0x0, time_rec=0x0) at g_init_sec_context.c:168
#6  0x0000555555599afc in ssh_gssapi_init_ctx (ctx=0x5555557e51c0, deleg_creds=<optimized out>, recv_tok=0x0, send_tok=0x7fffffffb7c0, flags=0x0) at gss-genr.c:354
#7  0x0000555555599dfa in ssh_gssapi_check_mechanism (ctx=0x7fffffffb828, oid=<optimized out>, host=0x5555557dc3a0 "onuma", client=0x0) at gss-genr.c:478
#8  0x000055555556ddb1 in userauth_gssapi (authctxt=0x7fffffffb900) at sshconnect2.c:727
#9  0x000055555556f141 in userauth (authctxt=0x7fffffffb900, authlist=0x5555557e5140 "publickey,gssapi-keyex,gssapi-with-mic,password") at sshconnect2.c:526
#10 0x0000555555591e47 in dispatch_run (mode=0, done=0x7fffffffb928, ctxt=0x7fffffffb900) at dispatch.c:98
#11 0x000055555556ed9d in ssh_userauth2 (local_user=0x5555557dc3c0 "rjones", server_user=0x5555557dc450 "rjones", host=0x5555557dc3a0 "onuma", sensitive=0x5555557c18e0) at sshconnect2.c:490
#12 0x000055555556ab11 in ssh_login (sensitive=0x5555557c18e0, orighost=<optimized out>, hostaddr=0x5555557c1860, port=22, pw=<optimized out>, timeout_ms=-1000) at sshconnect.c:1178
#13 0x000055555555f39f in main (ac=<optimized out>, av=<optimized out>) at ssh.c:929
A workaround is to disable gssapi-with-mic by adding:

    PreferredAuthentications publickey,keyboard-interactive,password

to the Host entry.
Are you still able to reproduce this issue with current F17 or newer?
Seems to have fixed itself with openssh-server-6.1p1-1.fc18.x86_64