SSH Tunnel nonexistent channel error

Darren Tucker dtucker at zip.com.au
Wed Dec 3 19:25:07 EST 2014 

On Wed, Dec 3, 2014 at 6:26 PM, Junk <junk at private.rw-gs.net> wrote:

> Every time I open an SSH Tunnel to my server after visiting a few sites
> over it I get the following error: channel_by_id: 3: bad id: channel free
> Disconnecting: Received ieof for nonexistent channel 3. The channel number
> varies but it's always the same issue. Any help would be appreciated. The
> server I'm using is for FreeSSHd for Windows. I'm connecting to the tunnel
> with ssh -N User at host -D 1080. Thanks.
>
>
> Verbose:
>

Looks like this is only debug level 1, debug level 3 (ssh -vvv) might
provide more information.

[...]

> debug1: Local connections to LOCALHOST:1080 forwarded to remote address
> socks:0
> debug1: Local forwarding listening on ::1 port 1080.
> debug1: channel 0: new [port listener]
>

channel 0 is a port forward channel.  Note that there is not shell channel
because you used -N to not ask for one.  This should be fine.

[...]

> debug1: Connection to port 1080 forwarding to socks port 0 requested.
> debug1: channel 10: new [dynamic-tcpip]
>

channel 10 is assigned to a port forward channel.  this should also be fine.

[...]

> debug1: channel 10: free: direct-tcpip: listening port 1080 for
> connect.facebook.net port 80, connect from 127.0.0.1 port 51036 to
> 127.0.0.1 port 1080, nchannels 35
>

channel 10 is freed by the server.  also fine.


> debug1: Connection to port 1080 forwarding to socks port 0 requested.
> debug1: channel 10: new [dynamic-tcpip]
>

channel 10 is reused.  also fine.

[...]

> debug1: client_input_channel_req: channel 10 rtype exit-status reply 0
> debug1: client_input_channel_req: no sink for exit-status on channel 10


channel 10 gets an exit-status message.  This is not fine: channel 10 is a
port forward (direct-tcpip) ssh channel, so this should not happen (see
rfc4254 section 6.10).  I suspect it also causes the client to tear the
channel down, although I have not checked this.


> debug1: channel 10: free: direct-tcpip: listening port 1080 for
> webchat.freenode.net port 80, connect from 127.0.0.1 port 51061 to
> 127.0.0.1 port 1080, nchannels 35
> channel_by_id: 10: bad id: channel free
> Disconnecting: Received ieof for nonexistent channel 10.
>

The client receives a channel free for channel 10, but as per the previous
comment I suspect it's already torn down at this point.

This goes off the rails when the server sends an exit-status message for
something that's not a shell command.  This is probably a server bug, but
maybe the openssh client could ignore these (it's a protocol violation,
though).  Depending on exactly what's going on in the server, you may be
able to work around the problem by specifying a long-running command (eg
"sleep 999999" or similar) instead of -N.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list