[Bug 2029] New: ssh connection failure error message confusing when talking to dual IPv4/6 host

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jul 31 01:58:52 EST 2012 

https://bugzilla.mindrot.org/show_bug.cgi?id=2029

          Priority: P5
            Bug ID: 2029
          Assignee: unassigned-bugs at mindrot.org
           Summary: ssh connection failure error message confusing when
                    talking to dual IPv4/6 host
          Severity: normal
    Classification: Unclassified
                OS: Linux
          Reporter: sklist at kitterman.com
          Hardware: ix86
            Status: NEW
           Version: 5.9p1
         Component: ssh
           Product: Portable OpenSSH

I have a dual IPv4/6 server which has both A and AAAA records
  published for it's primary domain name.  I had just rebooted the
  server for a kernel update and was trying to ssh back in.  It failed
  with a "network unreachable" error which was totally misleading.  The
  issue was that the server was slow to come up and was not listening
on
  port 22 yet.  The error message should have been "connection
refused".

  During the period when I was waiting, if I used ssh directly to the
  IPv4 address, I (correctly) got "connection refused".  When I ssh'd
to
  the IPv6 address I (also correctly) got network unreachable since
  there is no IPv6 connectivity other than link-local on the network
the
  ssh client was connecting from.

  it looks like what ssh is doing in the case of a host with dual
A/AAAA
  records is looking them both up, trying both connections, and if the
  case of both failing, it's returning the IPv6 error message.  In this
  case it was quite confusing as there's no indication it's an IPv6
  connection the message is about.  I was trying to figure out how I
  could ping the server and at the same time have the network be
  unreachable.

  It would be better if, in the case of two errors, network unreachable
  is only handed back to the user if no other error (such as connection
  refused) does not indicate that the network was reachable and a
  connection to the remote server made at some level.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list