sshd leaking processes

Darren Tucker dtucker at zip.com.au
Mon Mar 5 11:43:28 EST 2007


Frederik Eaton wrote:
> Hello,
> 
> I am experiencing a problem with
> 
> OpenSSH_4.3p2 Debian-8, OpenSSL 0.9.8c 05 Sep 2006
> 
> I have a tool which I use to generate command lines for end-end
> encryption through firewalls, following directions from an old
> discussion on this mailing list (thanks btw). It gives me something
> like this:
> 
> ssh -p 47774 localhost -o "ProxyCommand=ssh -v -v vds5.dedi.blackcatnetworks.co.uk -- 'nc localhost 47774'" -- 'echo hi'
> 
> When I run that, two sshd processes appear at the final destination
> host, and don't go away until I kill them.
> 
> I am wondering if this problem is known to have been fixed in a recent
> version, or if I should download the latest version and try, or what.

You're using "traditional" netcat (ie 1.10) on the intermediate server?

What's happening is that sshd closes the stdio to the "nc" processes and 
waits for it to exit, but the nc process never checks for this closure 
and never exits, thus deadlocks.

You can substitute connect[1] for netcat as it does not have this 
particular problem.

See also http://bugzilla.mindrot.org/show_bug.cgi?id=396

It's possible that the recent changes for bug #52 help in this situation 
but I suspect not.

[1] http://zippo.taiyo.co.jp/~gotoh/ssh/connect.html

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
     Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.


More information about the openssh-unix-dev mailing list