[mosh-users] mosh-server fails to start on grsecurity kernel
John Hood
cgull at glup.org
Tue Jun 7 20:52:03 EDT 2016
Oops, I'm forgetting two rather important things, sorry.
* The --local flag is only in mosh master, not yet in any release
(though 1.2.6 is coming soon). Available on GitHub near you. If you
don't want to mess with source you can run mosh-client and mosh-server
manually as documented on <https://mosh.mit.edu/>.
* mosh-server itself disables coredumps to protect its cryptographic
secrets. Disabling that requires editing source and rebuilding mosh-server.
regards,
--jh
On 06/07/2016 20:21, Deven Lahoti wrote:
> mosh --local just gives "unknown option", and I can't figure out how
> to enable coredumps for mosh-server - coredumps work for everything
> else, so I'm not sure why they're disabled here.
>
> On Tue, Jun 7, 2016 at 9:39 AM, John Hood <cgull at glup.org
> <mailto:cgull at glup.org>> wrote:
>
> Try running
>
> strace -ffo trace mosh --local 127.0.0.1
>
> on that server after enabling coredumps. That's not exactly the
> same as normal execution, since it doesn't use ssh, but it's
> useful for issues like this one.
>
> regards,
>
> --jh
>
> On Jun 7, 2016, at 12:56 AM, Deven Lahoti <deywos at mit.edu
> <mailto:deywos at mit.edu>> wrote:
>
>> Neither strace nor gdb will give me a backtrace, since they both
>> lose track of it when it forks, but the failure happens after
>> forking. For some reason, systemd says that coredumps are
>> disabled for the process, so I can't get one of those either.
>>
>> On Jun 7, 2016 00:31, "Alex Chernyakhovsky" <achernya at mit.edu
>> <mailto:achernya at mit.edu>> wrote:
>>
>> Unfortunately, that's not much to go on. Could you grab the
>> core file
>> and get a backtrace? I'm assuming some syscall (probably malloc?)
>> failed.
>>
>> Sincerely,
>> -Alex
>>
>> On Tue, Jun 7, 2016 at 12:18 AM, Deven Lahoti <deywos at mit.edu
>> <mailto:deywos at mit.edu>> wrote:
>> > I don't think that's the problem, since it's now giving me:
>> > mosh-server[21489]: segfault at 0 ip (null) sp
>> 00007fffffffcbd8
>> > error 14 in mosh-server[555555554000+60000]
>> >
>> > On Mon, Jun 6, 2016 at 11:42 PM, Alex Chernyakhovsky
>> <achernya at mit.edu <mailto:achernya at mit.edu>>
>> > wrote:
>> >>
>> >> I think the offending line is
>> >>
>> >> Jun 06 22:32:19 <hostname> kernel: PAX: From 18.X.X.X:
>> execution
>> >> attempt in: (null), 00000000-00000000 00000000
>> >> Jun 06 22:32:19 <hostname> kernel: PAX: terminating task:
>> >> /usr/bin/mosh-server(mosh-server):12505, uid/euid:
>> XXXX/XXXX, PC:
>> >> (nil), SP: 000003844385a508
>> >>
>> >> mosh-server needs to fork and exec to start subprocesses,
>> and your
>> >> kernel/configuration doesn't consider mosh-server to be in the
>> >> whitelist.
>> >>
>> >> Sincerely,
>> >> -Alex
>> >>
>> >>
>> >> On Mon, Jun 6, 2016 at 11:30 PM, Deven Lahoti
>> <deywos at mit.edu <mailto:deywos at mit.edu>> wrote:
>> >> > Hi, when trying to connect to my machine running Gentoo
>> Hardened on
>> >> > kernel
>> >> > 4.4.8, mosh-server fails to start. Here are the logs
>> (modified to remove
>> >> > personal info) [http://web.mit.edu/deywos/www/mosh.log].
>> I'm not really
>> >> > sure
>> >> > what the problem is, and I don't know much about how
>> mosh works, so I
>> >> > was
>> >> > hoping someone here could help me out.
>> >> >
>> >> > Thanks,
>> >> > Deven
>> >> >
>> >> > _______________________________________________
>> >> > mosh-users mailing list
>> >> > mosh-users at mit.edu <mailto:mosh-users at mit.edu>
>> >> > http://mailman.mit.edu/mailman/listinfo/mosh-users
>> >> >
>> >
>> >
>>
>> _______________________________________________
>> mosh-users mailing list
>> mosh-users at mit.edu <mailto:mosh-users at mit.edu>
>> http://mailman.mit.edu/mailman/listinfo/mosh-users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/mosh-users/attachments/20160607/7e3312d2/attachment-0001.html
More information about the mosh-users
mailing list