Details
Description
Steps:
- Generate a RSA key pair with ssh-keygen on Linux. Set private key passphrase.
- Configure the public key on a SSH server.
- Configure a SSH connection with the private key for authentication. Intentionally set a wrong passphrase!!
- Start the SSH connection from web portal.
Expected result:
Connecting to the SSH server fails due to the wrong passphrase.
Actual result:
The SSH connection closes with a segfault.
(gdb) bt #0 0x00002aaaae365596 in guac_common_ssh_authenticate (common_session=0x2aaab851d080) at ssh.c:300 #1 0x00002aaaae365c2c in guac_common_ssh_create_session (client=0x2aaab000ac40, hostname=0xe16e20 "10.148.38.168", port=0xe17100 "4118", user=0x0) at ssh.c:520 #2 0x00002aaaae35e01c in ssh_client_thread (data=0x2aaab000ac40) at ssh.c:220 #3 0x00002aaaab8521a4 in start_thread (arg=0x2aaab5001700) at pthread_create.c:309 #4 0x00002aaaabd5965d in clone () from /lib64/libc.so.6