[Bug 3380] Option -o ConnectTimeout not work

Mon Jan 17 10:54:34 AEDT 2022

https://bugzilla.mindrot.org/show_bug.cgi?id=3380

--- Comment #3 from Darren Tucker <dtucker at dtucker.net> ---
> OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d  10 Sep 2019

Firstly, you are using a vendor modified version of OpenSSH.  Can you
reproduce the problem with the stock source from openssh.com?

I can't tell timings from those traces, but the first two are showing
two different behaviours from the remote server:

> ssh -vvv -o ConnectTimeout=30 -p 443 user at srvsysssh.com
[...]
> debug1: connect to address 94.86.175.299 port 443: Connection timed out
> ssh: connect to host srvsysssh.com port 443: Connection timed out

The server fails to establish a TCP connection within 30s.

> $ ssh -vvv -o ConnectTimeout=150 -p 443 user at srvsysssh.com
> OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d  10 Sep 2019
[...]
> debug1: Connection established.
> debug3: timeout: 29987 ms remain after connect
[...]
> debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
> ssh_exchange_identification: Connection closed by remote host

Assuming the transcription is correct, the connection takes ~120s to
come up, then the TCP connection is established but the server does not
reply to the SSH banner and instead closes the connection after some
amount of time I cannot determine (but presumably a bit less than 30
seconds later).

The third trace looks ok from what you have shown.

Given you're using port 443, is it possible there's a transparent web
proxy in the path?  or one of those HTTPS/SSH multiplexers?  Where are
the significant delays and how long are they?

FWIW your examples work for me both with the stock OpenSSH and a Debian
I happen to have handy (albeit on port 22, which is what the server is
on):
$ ssh -V
OpenSSH_7.9p1 Debian-10+deb10u2, OpenSSL 1.1.1d  10 Sep 2019

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.