RFC 8305 Happy Eyeballs in OpenSSH

Kim Minh Kaplan openssh-unix-dev.mindrot.org at ml.kim-minh.com
Wed Feb 28 22:11:19 AEDT 2018


[sorry for the possible duplicate]

I'll try and stop the misconception that is starting to spread around.

Wolfgang S Rupprecht wrote:

> Aw crap.  My homegrown anti-dos tool for ssh looks for either DNRIS or
> if logging is verbose enough a connection that didn't result in a
> login.

You should rejoice: the patch will NOT cause DNRIS nor a connection that
does not result in a login.

> Simplest would be to never abort the extra
> happy eyeballs before actually logging in or the normal ssh connection
> timeout.

It is even simpler: it does NOT establish the connection.

Kim Minh.


More information about the openssh-unix-dev mailing list