NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: blocklistd configuration
On Sun, 23 Nov 2025 17:00:41 +0100
Martin Husemann <martin%duskware.de@localhost> wrote:
> It most likely is some issue (setup or whatever) on your sshd side.
> Do you see sshd logs about the login failures?
>
> Martin
Yes, sshd login failures get logged to /var/log/authlog
This is a VM running stock NetBSD-10.1 without any custom configurations.
Get sshd PID:
# ps aux | grep sshd
root 2348 0.0 0.2 71728 3364 ? Ss 9:19AM 0:00.01 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups (ssh
Looks like it is using fd 5 for blocklistd socket:
# fstat -p 2348
USER CMD PID FD MOUNT INUM MODE SZ|DV R/W
root sshd 2348 wd / 2 drwxr-xr-x 512 r
root sshd 2348 0 / 1489292 crw-rw-rw- null rw
root sshd 2348 1 / 1489292 crw-rw-rw- null rw
root sshd 2348 2 / 1489292 crw-rw-rw- null rw
root sshd 2348 3* internet6 stream tcp *:ssh
root sshd 2348 4* internet stream tcp *:ssh
root sshd 2348 5* unix dgram <-> /var/run/blocklistd.sock [using]
Now trace all syscalls while simulating ssh login failure:
ktruss -d -t A -p 2348
... No read/write calls are made to fd 5 by sshd
I've done the same trace on NetBSD-9.4 and this is what I get:
$ grep '(0x5,' /tmp/out
968 1 sshd write(0x5, 0xffffffffffffcae8, 0x5) = 5
968 1 sshd write(0x5, 0x402c8400, 0x8) = 8
968 1 sshd read(0x5, 0x402c8400, 0x5) = 1
968 1 sshd write(0x5, 0xffffffffffffca08, 0x5) = 5
968 1 sshd read(0x5, 0x402c8400, 0x11) = 1
968 1 sshd write(0x5, 0xffffffffffffca48, 0x5) = 5
968 1 sshd read(0x5, 0x402c8400, 0x1) = 1
938 1 sshd sendmsg(0x5, 0xffffffffffffcb10, 0) = 147
I wonder if there have been recent changes to sshd on NetBSD-10.X to
cause this. But then you say others running similar release do not
see the same issue. So I'm confused now.
Home |
Main Index |
Thread Index |
Old Index