sshd Failing New Inbound Connections

Peter Stuge peter at stuge.se
Sat Mar 19 10:09:32 AEDT 2022


Damien Miller wrote:
> > "fatal: bad addr or host: ::1 (no address associated with name)"
> 
> sshd doesn't need to actually resolve the listenaddress directives in
> the reexec path, so skip it.

Is a further improvement possible where addresses are recognized as
such without the resolver, eliminating the resolver as a source of
problems when it's actually not applicable?

I don't know how easy it is to accomplish very portably? :\

POSIX.1-2001 offers inet_pton() but that essentially requires trying
both AF_INET and AF_INET6 explicitly.

getaddrinfo() sometimes supports AI_NUMERICHOST which could perhaps
be tried once opportunistically, before trying again with it unset?

Would it be worthwhile to do something like that even if it only
works on some platforms? (Others would keep current behavior.)


//Peter


More information about the openssh-unix-dev mailing list