[Bug 1794605] [NEW] Using mod_sftp and ssh_host_ecdsa_key segfaults (Signal 11)

Jonas Jonsson jonas at websystem.se
Wed Sep 26 21:15:27 BST 2018


Public bug reported:

Upgrading from 1.3.5d to 1.3.5e causes mod_sftp to crash when using
ECDSA host keys.

>From a fresh install, add the following to the configuration

SFTPEngine on
Port 2222
SFTPHostKey /etc/ssh/ssh_host_ecdsa_key

Restart and try to login on port 2222 with sftp. The server will crash
during KEX_ECDH.

This used to work with 1.3.5d from 17.10 release.

A workaround for the moment is to only use a RSA key instead, i.e.
ssh_host_rsa_key.

>From proftpd.log:

".... ProFTPD terminating (signal 11)"

** Affects: proftpd-dfsg (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of ProFTPD
Maintainance Team, which is subscribed to proftpd-dfsg in Ubuntu.
https://bugs.launchpad.net/bugs/1794605

Title:
  Using mod_sftp and ssh_host_ecdsa_key segfaults (Signal 11)

Status in proftpd-dfsg package in Ubuntu:
  New

Bug description:
  Upgrading from 1.3.5d to 1.3.5e causes mod_sftp to crash when using
  ECDSA host keys.

  From a fresh install, add the following to the configuration

  SFTPEngine on
  Port 2222
  SFTPHostKey /etc/ssh/ssh_host_ecdsa_key

  Restart and try to login on port 2222 with sftp. The server will crash
  during KEX_ECDH.

  This used to work with 1.3.5d from 17.10 release.

  A workaround for the moment is to only use a RSA key instead, i.e.
  ssh_host_rsa_key.

  From proftpd.log:

  ".... ProFTPD terminating (signal 11)"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/proftpd-dfsg/+bug/1794605/+subscriptions



More information about the Pkg-proftpd-maintainers mailing list