RFC 8305 Happy Eyeballs in OpenSSH
Josh Soref
jsoref at gmail.com
Wed Feb 28 12:47:29 AEDT 2018
Browsers don't care about aborted transactions. Generally speaking a plain
http/https request isn't seen as a potential attack.
On Feb 27, 2018 8:27 PM, "Peter Stuge" <peter at stuge.se> wrote:
Wolfgang S Rupprecht wrote:
> Simplest would be to never abort the extra happy eyeballs before
> actually logging in or the normal ssh connection timeout.
1. What do dualstack browsers do when the second connection opens?
2. ssh could complete authentication on the second connection and
then immediately close the connection - but this would trigger many
side effects on the server, and be a nuisance at the very least;
consider when a server requires token interaction to login, and
having a sliding window with some limited number of logins per day.
I personally don't really want the client to open multiple
connections when I only specicy one server.
//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
More information about the openssh-unix-dev
mailing list