Problemes with ControlPersist

Klaus Ethgen Klaus at
Tue Mar 15 07:01:36 EST 2011

Hash: SHA512


Am Mo den 14. Mär 2011 um 20:34 schrieb Joachim Schipper:
> > 1. When I use ControlPersist in combination with ProxyCommand to reach a
> >    other host over that proxy I get the following message:
> >       Bad packet length 1397966893.
> >       Disconnecting: Paket corrupt
> > 
> >    When I fist ssh to the proxy, close the connection (that persists in
> >    background) and ssh to the target everything works well.
> I use this in .ssh/config, and it works for me (and has been working for
> a long time):
> Host *
> 	CheckHostIP yes
> 	ControlMaster auto
> 	ControlPath ~/.ssh/mux-%r@%h:%p
> 	ControlPersist 3m
> 	HashKnownHosts yes
> 	NoHostAuthenticationForLocalhost yes
> 	Protocol 2
> Host
> 	ProxyCommand none
> 	StrictHostKeyChecking yes
> Host *
> 	User schipper
> 	ProxyCommand ssh netcat %h %p

've like the same. Just the newer syntax for ProxyCommand:
   Host *
      User XXX
      ForwardAgent no

   Host tschil-*
      ProxyCommand ssh -q -W %h:%p tschil

      ForwardAgent no
      ForwardX11 no
      BatchMode yes
      ProxyCommand ssh -q -W %h:%p XXXXXXXXX

   Host Manyhosts
      ProxyCommand ssh -q -W %h:%p

   Host Otherhosts
      ProxyCommand ssh -q -W %h:%p XXXXXXXXX

   Host *
      Protocol 2
      CheckHostIP no
      Cipher blowfish
      Ciphers blowfish-cbc
      VisualHostKey yes
      HashKnownHosts no
      ControlPath /home/klaus/.ssh/%r@%h:%p.sock
      ControlMaster auto
      ControlPersist 300
      ForwardX11 yes
      ForwardAgent yes

All works well when I comment out the ControlPersist line. And all
worked well since long time. But The ControlPersist breaks it as I told
above. Even the double proxy worked well and do without the
ControlPersist line.

> This is on OpenBSD-current (OpenSSH_5.8, OpenSSL 1.0.0a 1 Jun 2010).
> What are you connecting to what, and does it really say _Paket_ corrupt?

Sure. It was cut and paste.

> > 2. When I use cvs over ssh and use ControlPersist and ProxyCommand every
> >    ssh command will block at the end for exact the time I specify in
> >    ControlPersist. (Note that I have to start the proxy first like I
> >    described in the first issue.)
> That's a known issue with certain programs (including e.g. Subversion,
> IIRC), but I don't recall how to fix it. Sorry.

I think the problems have something common. Maybe its the same.

- -- 
Klaus Ethgen                  
pub  2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus at>
Fingerprint: D7 67 71 C4 99 A6 D4 FE  EA 40 30 57 3C 88 26 2B
Version: GnuPG v1.4.11 (GNU/Linux)


More information about the openssh-unix-dev mailing list