Exiting ssh when MaxSessions=0

Iain Morgan imorgan at nas.nasa.gov
Wed Sep 3 11:34:39 EST 2008


On Sat, Aug 30, 2008 at 05:30:11 +1000, Damien Miller wrote:
> On Fri, 29 Aug 2008, Iain Morgan wrote:
> 
> > Hi,
> > 
> > I've been experimenting with MaxSessions=0 in the sshd_config and have
> > encountered one unfortunate problem. Once the client authenticates to
> > the server, it ceases to respond to keyboard input.
> > 
> > At first glance, it looks like the client is in a hung state and does
> > not time out. If port forwarding was requested on the command-line and
> > the server accepts the request, that continues to work. But the tilde
> > escapes (and ^C) do not work. Apparently, you have to kill the session
> > from another terminal.
> > 
> > Once the session is killed, any buffered input is handled by the shell.
> > 
> > In cases where you know the server will have MaxSessions=0, this is not
> > a huge issue; you just have to remember to use the -f option. It is a
> > bit unfortunate if you forget to use -f.
> > 
> > It would be nice if ~. worked in this situation. I suppose ~C would also
> > be nice in order to add port forwardings after the fact. I'm not sure if
> > it would be problematic to add such support.
> 
> Yes, this is a bug. I think this patch fixes it, but I need to think
> though the consequences more:
> 
> Index: channels.c
> ===================================================================
> RCS file: /var/cvs/openssh/channels.c,v
> retrieving revision 1.273
> diff -u -p -r1.273 channels.c
> --- channels.c	16 Jul 2008 12:42:06 -0000	1.273
> +++ channels.c	29 Aug 2008 19:25:04 -0000
> @@ -2311,8 +2311,8 @@ channel_input_open_failure(int type, u_i
>  			xfree(lang);
>  	}
>  	packet_check_eom();
> -	/* Free the channel.  This will also close the socket. */
> -	channel_free(c);
> +	/* Schedule the channel for cleanup/deletion. */
> +	chan_mark_dead(c);
>  }
>  
>  /* ARGSUSED */
> 
> The difference if you are curious, is that chan_mark_dead() will schedule
> the channel for asynchronous cleanup, via channel_garbage_collect().
> That path runs the channel->detach_user callback which is what we rely
> on to determine that our main session channel has exited. 
> 
> channel_free() doesn't run any callbacks, so we never noticed that the
> session channel went away.
> 
> -d
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

Thanks Damien. Do you need me to submit a bug on this for tracking
purposes?

-- 
Iain Morgan


More information about the openssh-unix-dev mailing list