Possible ssh -D bug in 5.8p1 (on Gentoo Linux)
Brother Railgun of Reason
alaric at caerllewys.net
Tue Feb 8 22:47:44 EST 2011
On Tue, Feb 08, 2011 at 07:57:55AM +1100, Damien Miller wrote:
> On Mon, 7 Feb 2011, Brother Railgun of Reason wrote:
> > I seem to have found a bug in 5.8p1.
> >
> > I work remotely, and use three SSH tunnels, two of the form ssh -L
> > port:host:destport -f -N -q -l remoteuser remotehost, and one of the
> > form ssh -D port -f -C -q -N -l remoteuser remotehost, the latter a web
> > tunnel that I may access any of several web hosts through. When I
> > upgraded to OpenSSH 5.8p1 this morning, the ssh -D tunnel ceased to
> > work; it would connect correctly, then stop responding within 30 seconds
> > to a minute, and the ssh process would not die on a SIGTERM, requiring a
> > SIGKILL. When I backed out to 5.7p1 and restarted my tunnels again, the
> > ssh -D tunnel worked again. The two ssh -L tunnels continued to work
> > normally.
>
> That's pretty unlikely, because there was no channels or forwarding-
> related code changed between 5.7 and 5.8. If you aren't using SELinux,
> the substantive diff is literally one line in the key certification code.
Nevertheless, I have one tunnel, set up in a specific way different from
my other two, that worked under 5.6 and 5.7, stops working when I
upgrade to 5.8, and works again as soon as I downgrade back to 5.7.
I'm filing a bug report with Gentoo in case it was introduced there.
--
Phil Stracchino, CDK#2 DoD#299792458 ICBM: 43.5607, -71.355
alaric at caerllewys.net alaric at metrocast.net phil at co.ordinate.org
Renaissance Man, Unix ronin, Perl hacker, Free Stater
It's not the years, it's the mileage.
More information about the openssh-unix-dev
mailing list