just curious

Pekka Savola pekkas at netcore.fi
Fri Jun 14 05:43:28 EST 2002


On Thu, 13 Jun 2002, Todd T. Fries wrote:
> What is the expected behavior wrt ipv6 on Linux?  My brother is trying to
> use sshd to bind to things and without '-6' on the commandline, it doesn't
> do any ipv6, even if 'ListenAddress ::' is listed in sshd_config.  Also,
> with '-6', it receives ipv4 requests as well.
> 
> This behavior is definately different from OpenBSD .. all addresses listed
> in sshd_config are used, and with none listed, it defaults to
> '0.0.0.0' and '::' .. the '-6' limits connections to ipv6 only.

Compile OpenSSH without '--with-ipv4-default', and there is no need for 
'-6'.

Linux, complying with the spec (but insecure in some respects), accepts
IPv4 connections through mapped addresses on '::'.  In some versions, this
can be prevented by using IPV6_V6ONLY setsockopt.  OpenBSD does do mapped
addresses at all.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords






More information about the openssh-unix-dev mailing list