# Can't ssh (solved)

## MarioMaster100

Every time I try to ssh I get this error

```
OpenSSL version mismatch. Built against 10002003, you have 100010af
```

I have openssl version 1.0.1j installed. Here's some more openssl info 

```
grep OPENSSL_VERSION /usr/include/openssl/opensslv.h

#define OPENSSL_VERSION_NUMBER   0x100010afL

#define OPENSSL_VERSION_TEXT   "OpenSSL 1.0.1j-fips 15 Oct 2014"

#define OPENSSL_VERSION_TEXT   "OpenSSL 1.0.1j 15 Oct 2014"

#define OPENSSL_VERSION_PTEXT   " part of " OPENSSL_VERSION_TEXT
```

I tried both emerge @preserved-rebuild and revdep-rebuild and both didn't help.Last edited by MarioMaster100 on Mon Oct 27, 2014 2:19 am; edited 1 time in total

----------

## Navar

Couldn't reproduce, mine being Wed Aug  6 14:29:16 2014 >>> net-misc/openssh-6.6_p1-r1 which didn't need rebuild since dev-libs/openssl-1.0.1h-r2.

I would emerge -1 openssh.  Before that, give revdep-rebuild -ivp a try and see if it lists to rebuild anything.  If it does, re-run without the -ivp options.

Glance at your /var/lib/portage/preserved_libs_registry file and see if it contains anything other than an '{}' empty set.Last edited by Navar on Sat Oct 25, 2014 10:32 pm; edited 1 time in total

----------

## eccerr0r

Did you try emerging openssh by itself again recently?

----------

## MarioMaster100

 *Navar wrote:*   

> Couldn't reproduce, mine being Wed Aug  6 14:29:16 2014 >>> net-misc/openssh-6.6_p1-r1 which didn't need rebuild since dev-libs/openssl-1.0.1h-r2.
> 
> I would emerge -1 openssh.  Before that, give revdep-rebuild -ivp a try and see if it lists to rebuild anything.  If it does, re-run without the -ivp options.
> 
> Glance at your /var/lib/portage/preserved_libs_registry file and see if it contains anything other than an '{}' empty set.

 

Well it looks like it's fine. 

```
 * Configuring search environment for revdep-rebuild

 * Temporary cache files are located in /var/cache/revdep-rebuild

revdep-rebuild environment:

SEARCH_DIRS="/bin

/lib

/lib32

/lib64

/opt/bin

/sbin

/usr/bin

/usr/games/bin

/usr/games/lib

/usr/games/lib32

/usr/games/lib64

/usr/lib

/usr/lib32

/usr/lib32/opengl/xorg-x11/lib

/usr/lib32/qt4

/usr/lib64

/usr/lib64/fltk-1

/usr/lib64/opengl/xorg-x11/lib

/usr/lib64/qt4

/usr/lib64/sidplay/builders

/usr/libexec

/usr/lib/gcc/x86_64-pc-linux-gnu/4.8.3

/usr/lib/gcc/x86_64-pc-linux-gnu/4.8.3/32

/usr/lib/qt4

/usr/lib/sidplay/builders

/usr/local/lib

/usr/local/lib32

/usr/local/lib64

/usr/sbin

/usr/x86_64-pc-linux-gnu/gcc-bin/4.8.3

/usr/x86_64-pc-linux-gnu/lib"

SEARCH_DIRS_MASK="/lib64/modules

/lib/modules

/opt/icedtea-bin-6.1.13.3

/opt/spotify/spotify-client"

LD_LIBRARY_MASK="libjava.so

libjawt.so

libjvm.so

libodbcinst.so

libodbc.so"

PORTAGE_ROOT="/"

EMERGE_OPTIONS=""

ORDER_PKGS="1"

FULL_LD_PATH="1"

 * Checking reverse dependencies

 * Packages containing binaries and libraries broken by a package update

 * will be emerged.

 * Collecting system binaries and libraries

 * Generated new 1_files.rr

 * Collecting complete LD_LIBRARY_PATH

 * Generated new 2_ldpath.rr

 * Checking dynamic linking consistency

[ 100% ]                 

 * Dynamic linking on your system is consistent... All done.
```

```
cat /var/lib/portage/preserved_libs_registry 

{}%
```

 *eccerr0r wrote:*   

> Did you try emerging openssh by itself again recently?

 

Yeah I emerged ssh again and no luck.

----------

## Hu

What is the output of find /usr/local/{include,lib{,64}}/ -type f -ls?

----------

## MarioMaster100

 *Hu wrote:*   

> What is the output of find /usr/local/{include,lib{,64}}/ -type f -ls?

 

```
find /usr/local/{include,lib{,64}}/ -type f -ls

421084    8 -rw-r--r--   1 root     root         8021 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_debugger.h

421077    4 -rw-r--r--   1 root     root         3664 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_common.h

421083   12 -rw-r--r--   1 root     root        10592 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_config.h

421099   12 -rw-r--r--   1 root     root        10709 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_types.h

421091   12 -rw-r--r--   1 root     root         9642 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_plugin.h

421087    8 -rw-r--r--   1 root     root         5627 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_frontend.h

421105    8 -rw-r--r--   1 root     root         5702 Sep  5 14:44 /usr/local/include/mupen64plus/m64p_vidext.h

1044518  516 -rw-r--r--   1 root     root       528320 Sep  5 14:44 /usr/local/lib/libmupen64plus.so.2.0.0

421229  108 -rw-r--r--   1 root     root       108568 Sep  5 14:44 /usr/local/lib/mupen64plus/mupen64plus-rsp-hle.so

421224   24 -rw-r--r--   1 root     root        22824 Sep  5 14:44 /usr/local/lib/mupen64plus/mupen64plus-audio-sdl.so

421232 1332 -rw-r--r--   1 root     root      1360800 Sep  5 14:44 /usr/local/lib/mupen64plus/mupen64plus-video-glide64mk2.so

421225   48 -rw-r--r--   1 root     root        47504 Sep  5 14:44 /usr/local/lib/mupen64plus/mupen64plus-input-sdl.so

421230  744 -rw-r--r--   1 root     root       759552 Sep  5 14:44 /usr/local/lib/mupen64plus/mupen64plus-video-rice.so

1044518  516 -rw-r--r--   1 root     root       528320 Sep  5 14:44 /usr/local/lib64/libmupen64plus.so.2.0.0

421229  108 -rw-r--r--   1 root     root       108568 Sep  5 14:44 /usr/local/lib64/mupen64plus/mupen64plus-rsp-hle.so

421224   24 -rw-r--r--   1 root     root        22824 Sep  5 14:44 /usr/local/lib64/mupen64plus/mupen64plus-audio-sdl.so

421232 1332 -rw-r--r--   1 root     root      1360800 Sep  5 14:44 /usr/local/lib64/mupen64plus/mupen64plus-video-glide64mk2.so

421225   48 -rw-r--r--   1 root     root        47504 Sep  5 14:44 /usr/local/lib64/mupen64plus/mupen64plus-input-sdl.so

421230  744 -rw-r--r--   1 root     root       759552 Sep  5 14:44 /usr/local/lib64/mupen64plus/mupen64plus-video-rice.so

```

----------

## Navar

What's the output for these?

```
find $(cat /etc/ld.so.conf | grep -e ^/) -type f -regextype sed -regex ".*.so.*" 2>/dev/null | grep -E 'libssl\.|libcrypto\.' | sed -e 's/^/ls -ls /' | sh
```

```
find $(cat /etc/ld.so.conf | grep -e ^/) -type l -regextype sed -regex ".*.so.*" 2>/dev/null | grep -E 'libssl\.|libcrypto\.' | sed -e 's/^/ls -ls /' | sh
```

```
ldd $(which ssh)
```

----------

## MarioMaster100

 *Navar wrote:*   

> What's the output for these?
> 
> ```
> find $(cat /etc/ld.so.conf | grep -e ^/) -type f -regextype sed -regex ".*.so.*" 2>/dev/null | grep -E 'libssl\.|libcrypto\.' | sed -e 's/^/ls -ls /' | sh
> ```
> ...

 

```
find $(cat /etc/ld.so.conf | grep -e ^/) -type f -regextype sed -regex ".*.so.*" 2>/dev/null | grep -E 'libssl\.|libcrypto\.' | sed -e 's/^/ls -ls /' | sh

1880 -r-xr-xr-x 1 root root 1922456 Oct 24 13:46 /usr/lib64/libcrypto.so.1.0.0

436 -r-xr-xr-x 1 root root 444536 Oct 24 13:46 /usr/lib64/libssl.so.1.0.0

1576 -rwxr-xr-x 1 root root 1609964 May  7 18:01 /usr/lib32/libcrypto.so.1.0.0

1340 -rwxr-xr-x 1 root root 1368448 May  7 18:06 /usr/lib32/libcrypto.so.0.9.8

392 -rwxr-xr-x 1 root root 398108 May  7 18:01 /usr/lib32/libssl.so.1.0.0

328 -rwxr-xr-x 1 root root 335796 May  7 18:06 /usr/lib32/libssl.so.0.9.8
```

```
find $(cat /etc/ld.so.conf | grep -e ^/) -type l -regextype sed -regex ".*.so.*" 2>/dev/null | grep -E 'libssl\.|libcrypto\.' | sed -e 's/^/ls -ls /' | sh

0 lrwxrwxrwx 1 root root 18 Oct 24 13:46 /usr/lib64/libcrypto.so -> libcrypto.so.1.0.0

0 lrwxrwxrwx 1 root root 15 Oct 24 13:46 /usr/lib64/libssl.so -> libssl.so.1.0.0

0 lrwxrwxrwx 1 root root 18 Jul 22 23:54 /usr/lib32/libcrypto.so -> libcrypto.so.1.0.0

0 lrwxrwxrwx 1 root root 15 Jul 22 23:54 /usr/lib32/libssl.so -> libssl.so.1.0.0
```

```
ldd $(which ssh)

   linux-vdso.so.1 (0x00007fff061ff000)

   libcrypto.so.1.0.0 => /usr/lib64/libcrypto.so.1.0.0 (0x00007f6d03540000)

   libdl.so.2 => /lib64/libdl.so.2 (0x00007f6d0333c000)

   libz.so.1 => /lib64/libz.so.1 (0x00007f6d03126000)

   libresolv.so.2 => /lib64/libresolv.so.2 (0x00007f6d02f0f000)

   libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f6d02cf1000)

   libc.so.6 => /lib64/libc.so.6 (0x00007f6d0294a000)

   /lib64/ld-linux-x86-64.so.2 (0x00007f6d03919000)

```

----------

## Navar

Given possible security concerns, I should have suggested objdump -p $(which ssh) | grep NEEDED instead of using ldd.  But you've obviously already executed ssh.

Your output looked ok so far, but something is still fishy.  Seen bug reports against openssh on this in the past, but I'm not reproducing or seeing others confirm what's happening to you.  So, to me, that sounds like a tree sync file validity issue or locally caused.

What is the output of emerge --info openssh openssl ?

Maybe show your /etc/ld.so.conf and see if anything unusual in /etc/ld.so.conf.d/ .

my sha256sums:

16dcc68c399990ec0c801d421d022ceeae0e3aec1e6ffd3fecc5e2f4768cc91b  /usr/portage/distfiles/openssh-6.6p1-hpnssh14v4.diff.xz

48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bb  /usr/portage/distfiles/openssh-6.6p1.tar.gz

Consider https://bugs.gentoo.org/show_bug.cgi?id=525638

----------

## MarioMaster100

 *Navar wrote:*   

> Given possible security concerns, I should have suggested objdump -p $(which ssh) | grep NEEDED instead of using ldd.  But you've obviously already executed ssh.
> 
> Your output looked ok so far, but something is still fishy.  Seen bug reports against openssh on this in the past, but I'm not reproducing or seeing others confirm what's happening to you.  So, to me, that sounds like a tree sync file validity issue or locally caused.
> 
> What is the output of emerge --info openssh openssl ?
> ...

 

```
emerge --info openssh openssl

Portage 2.2.8-r2 (default/linux/amd64/13.0/desktop, gcc-4.8.3, glibc-2.19-r1, 3.14.14-gentoo x86_64)

=================================================================

                        System Settings

=================================================================

System uname: Linux-3.14.14-gentoo-x86_64-Intel-R-_Core-TM-_i5-2430M_CPU_@_2.40GHz-with-gentoo-2.2

KiB Mem:     6017092 total,   4576968 free

KiB Swap:          0 total,         0 free

Timestamp of tree: Sat, 25 Oct 2014 19:30:01 +0000

ld GNU ld (Gentoo 2.23.2 p1.0) 2.23.2

app-shells/bash:          4.2_p53

dev-java/java-config:     2.2.0

dev-lang/perl:            5.18.2-r2

dev-lang/python:          2.7.7, 3.3.5-r1, 3.4.1

dev-util/cmake:           2.8.12.2-r1

dev-util/pkgconfig:       0.28-r1

sys-apps/baselayout:      2.2

sys-apps/openrc:          0.12.4

sys-apps/sandbox:         2.6-r1

sys-devel/autoconf:       2.69

sys-devel/automake:       1.11.6, 1.13.4

sys-devel/binutils:       2.23.2

sys-devel/gcc:            4.8.3

sys-devel/gcc-config:     1.7.3

sys-devel/libtool:        2.4.2-r1

sys-devel/make:           4.0-r1

sys-kernel/linux-headers: 3.13 (virtual/os-headers)

sys-libs/glibc:           2.19-r1

Repositories: gentoo steam-overlay calculate proaudio tox-overlay qt

ACCEPT_KEYWORDS="amd64"

ACCEPT_LICENSE="* -@EULA"

CBUILD="x86_64-pc-linux-gnu"

CFLAGS="-O2 -pipe"

CHOST="x86_64-pc-linux-gnu"

CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"

CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"

CXXFLAGS="-O2 -pipe"

DISTDIR="/usr/portage/distfiles"

FCFLAGS="-O2 -pipe"

FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync"

FFLAGS="-O2 -pipe"

GENTOO_MIRRORS="http://distfiles.gentoo.org"

LANG="en_US"

LDFLAGS="-Wl,-O1 -Wl,--as-needed"

MAKEOPTS="-j4"

PKGDIR="/usr/portage/packages"

PORTAGE_CONFIGROOT="/"

PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"

PORTAGE_TMPDIR="/var/tmp"

PORTDIR="/usr/portage"

PORTDIR_OVERLAY="/var/lib/layman/steam /var/lib/layman/calculate /var/lib/layman/pro-audio /var/lib/layman/tox-overlay /var/lib/layman/qt"

USE="X a52 aac acl acpi alsa amd64 berkdb bluetooth branding bzip2 cairo cdda cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr emboss encode exif fam firefox flac fortran gdbm gif glamor gpm gtk iconv ipv6 jpeg lcms ldap libnotify mad mmx mng modules mp3 mp4 mpeg multilib ncurses networkmanager nls nptl ogg opengl openmp pam pango pcre pdf png policykit ppds qt3support qt4 readline sdl session spell sse sse2 ssl startup-notification svg tcpd tiff truetype udev udisks unicode upower usb vorbis wxwidgets x264 xcb xml xv xvid zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="evdev synaptics" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_3" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"

Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, SYNC, USE_PYTHON

=================================================================

                        Package Settings

=================================================================

net-misc/openssh-6.6_p1-r1 was built with the following:

USE="X hpn ldap pam tcpd -X509 -bindist -kerberos -ldns -libedit (-selinux) -skey -static" ABI_X86="64"

dev-libs/openssl-1.0.1j was built with the following:

USE="(sse2) tls-heartbeat zlib -bindist -gmp -kerberos -rfc3779 -static-libs -test -vanilla" ABI_X86="64 -32 -x32"

CFLAGS="-O2 -pipe -fno-strict-aliasing -Wa,--noexecstack"

CXXFLAGS="-O2 -pipe -fno-strict-aliasing -Wa,--noexecstack"

```

The only thing in /etc/ld.so.conf.d/ was 05gcc-x86_64-pc-linux-gnu.conf .

Actually I'd only tried re-emerging ssh, not openssh, if that makes a difference?

----------

## Navar

 *MarioMaster100 wrote:*   

> The only thing in /etc/ld.so.conf.d/ was 05gcc-x86_64-pc-linux-gnu.conf .

 

Good.

 *MarioMaster100 wrote:*   

> Actually I'd only tried re-emerging ssh, not openssh, if that makes a difference?

 

Emerge can take a file target, so that normally wouldn't have caused an issue.  However:

```
$ emerge -pv ssh

These are the packages that would be merged, in order:

Calculating dependencies... done!

[ebuild   R    ] virtual/ssh-0  USE="-minimal" 0 kB

$ file $(which ssh)

/usr/bin/ssh: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.16, stripped

$ equery b /usr/bin/ssh

 * Searching for /usr/bin/ssh ... 

net-misc/openssh-6.6_p1-r1 (/usr/bin/ssh)
```

In that case, the virtual isn't what we wanted.  If you did emerge -1 $(which ssh) it should have tried to rebuild openssh.  So, if you haven't checked the SHA checksums on the source distribution files (see bug report) and didn't force emerge -1 openssl an actual re-emerge of openssh, please give those a try.

----------

## MarioMaster100

 *Navar wrote:*   

>  *MarioMaster100 wrote:*   The only thing in /etc/ld.so.conf.d/ was 05gcc-x86_64-pc-linux-gnu.conf . 
> 
> Good.
> 
>  *MarioMaster100 wrote:*   Actually I'd only tried re-emerging ssh, not openssh, if that makes a difference? 
> ...

 

I did the 2 emerge commands. Now ssh is working again \o/ . I just have to wait for my friend's server to be back on (just times out, I think it's off at the moment)  :Very Happy: 

----------

## Navar

Glad it got resolved.  :Smile: 

----------

