I have log-session-session running on a Ubuntu 22.04 server. (OpenSSH 8.9p1) I can SSH to it fine and see from the logging that log-user-session is working. But if I try to use ansible to connect via ssh with the same user to the same host, log-user-session reliably crashes. This can be reproduced with the simple Ansible ping command:
ansible -m ping -vvv bastion-new
By turning on debug logging, you can see exactly how the SSH connection is different. It uses these args:
ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o 'ControlPath="/home/mark/.ansible/cp/c366ed7860"' bastion-new '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
On the server side, this logging is produced:
Feb 21 18:40:52 bastion.example.com kernel: log-user-sessio[130612]: segfault at 0 ip 00005555ba61faeb sp 00007ffde2562d48 error 4 in log-user-session[5555ba61e000+4000]
I'm wondering if there's an easy fix or another alternative to this project I should be considering to secure my bastion hosts a bit more.
I have
log-session-sessionrunning on a Ubuntu 22.04 server. (OpenSSH 8.9p1) I can SSH to it fine and see from the logging thatlog-user-sessionis working. But if I try to useansibleto connect viasshwith the same user to the same host,log-user-sessionreliably crashes. This can be reproduced with the simple Ansiblepingcommand:By turning on debug logging, you can see exactly how the SSH connection is different. It uses these args:
On the server side, this logging is produced:
I'm wondering if there's an easy fix or another alternative to this project I should be considering to secure my bastion hosts a bit more.