fyi: agent forwarding fails (with enabled ControlMaster) after time shift on client

Steffen Nurpmeso steffen at sdaoden.eu
Mon Sep 12 21:06:08 AEST 2016


Good morning and happy Monday.

Damien Miller <djm at mindrot.org> wrote:
 |On Fri, 9 Sep 2016, Steffen Nurpmeso wrote:
 |> Yes, i think that was the cause why agent forwarding wasn't
 |> performed at all, i had to rm(1) the control socket and the next
 |> ssh(1) connection forwarded the agent normally again.  (It was
 |> a huge timeshift by several hours.)  I.e., just in case this is
 |> something you didn't have on your radar yet.
 |
 |Do you know whether the agent was still running or if it has terminated?

It is running from Monday to Saturday (supervising a terminal
multiplexer, from within which everything happens (and itself
supervised by ssh session without agent forwarding, on hardware)).

 |Did you load your keys with a timeout set?

No.  The only timeouts i have are ControlPersist, RekeyLimit,
and ServerAliveInterval.  The server is default AlpineLinux less
some access methods, with only one KexAlgorithm and set
ClientAlive*.

--steffen


More information about the openssh-unix-dev mailing list