If sshd 4.7p1 and earlier is run with "-D" flag under FreeBSD and PrivilegeSeparation is enabled, the daemon leaves a zombie if a connection is reset during authentication. Example follows. before: % ps auwx | grep sshd root 6160 0.0 0.2 2852 2380 p0 S+ 11:43PM 0:00.02 /usr/sbin/sshd -D -e connecting: % ps auwx | grep sshd sshd 6189 0.0 0.2 4260 2540 ?? S 11:45PM 0:00.01 sshd: jwk [net] (sshd) root 6190 0.0 0.3 4452 2700 ?? S 11:45PM 0:00.00 sshd: jwk [pam] (sshd) root 6160 0.0 0.2 2852 2380 p0 S+ 11:43PM 0:00.02 /usr/sbin/sshd -D -e after: % ps auwx | grep sshd sshd 6189 0.0 0.0 0 0 ?? Z 11:45PM 0:00.01 <defunct> root 6160 0.0 0.2 2852 2380 p0 I+ 11:43PM 0:00.02 /usr/sbin/sshd -D -e stderr reports: Server listening on :: port 22. Server listening on 0.0.0.0 port 22. Postponed keyboard-interactive for jwk from [...] port 14668 ssh2 Connection closed by [...]
I have tried to reproduce this on FreeBSD 6 with both 4.7p1 and -current but could not (I kill -9'ed the client to cause a connection reset) but could not. Which version of FreeBSD is this? Also, is this an unmodified OpenSSH? Which sshd_config options do you have enabled? (I can tell from the output that you have at least UsePAM enabled.) Could you please run the server with increased loglevel and attach the output ("Create Attachment" rather than pasting in the comment field please), eg: /path/to/sshd -De -ologlevel=debug3 -p 2022 -o usepam=yes Thanks.
3 years, no followup = closed bug
close resolved bugs now that openssh-5.9 has been released