OpenSSH_5.2p1. non-vpn login to root account requests TUN interface and cannot exit

Alexander Panasyuk alexander.panasyuk at gmail.com
Mon May 25 03:57:31 EST 2009 

Hello!

I've configured SSH-VPN between two subnets and it works fine. Option
Tunnel=yes in config file is set.

The problem I run into is that normal SSH login to root account does not
terminate on "exit" command.

> ssh root at pig
pig> exit
;; screen is cleared but does not return to prompt
<ctrl-C>
Killed by signal 2.

ctrl-D does not work. Running ssh with -vvv has shown that as soon as
authentication succeeds ssh requests tun device:

debug1: Authentication succeeded (publickey).
debug1: Requesting tun unit 2147483647 in mode 1
debug1: sys_tun_open: tunnel mode 1 fd 4
debug2: fd 4 setting O_NONBLOCK
debug3: fd 4 is O_NONBLOCK
debug1: channel 0: new [tun]
debug1: channel 1: new [client-session]
debug3: ssh_session2_open: channel_new: 1
debug2: channel 1: send open

and after I exit from shell can not close it:

debug2: channel 1: rcvd eof
debug2: channel 1: output open -> drain
debug2: channel 1: obuf empty
debug2: channel 1: close_write
debug2: channel 1: output drain -> closed
debug1: client_input_channel_req: channel 1 rtype exit-status reply 0
debug2: channel 1: rcvd close
debug2: channel 1: close_read
debug2: channel 1: input open -> closed
debug3: channel 1: will not send data after close
debug2: channel 1: almost dead
debug2: channel 1: gc: notify user
debug2: channel 1: gc: user detached
debug2: channel 1: send close
debug2: channel 1: is dead
debug2: channel 1: garbage collecting
debug1: channel 1: free: client-session, nchannels 2
debug3: channel 1: status: The following connections are open:
  #0 tun (t4 r0 i0/0 o0/0 fd 4/4 cfd -1)
  #1 client-session (t4 r1 i3/0 o3/0 fd -1/-1 cfd -1)

debug3: channel 1: close_fds r -1 w -1 e 7 c -1

Running ssh -oTunnel=no root at pig does not help either. Commenting out
Tunnel=yes in configuration file does work.

I wonder why TUN device is requested when I am not asking for SSH-VPN
tunneling, why it can not be closed on exit (nothing is using it) and why
-oTunnel=no option does not work.

Thanks,
Alex.

More information about the openssh-unix-dev mailing list