Side effect of sshd-session

[Hank Leininger]

This isn't a problem with openssh per se, but impacts some users on
Linux, and I wonder if I can get an amen on a netstat/net-utils
change proposal.

Splitting out sshd-session had an unfortunate side-effect: on Linux if
you are used to using netstat -antp to see what user process is
associated with which socket, the longer process name squeezes out the
username.

Prior to the change:

# netstat -antp | egrep 'EST.*sshd'
tcp        0     36 127.0.0.1:22      127.0.0.1:20560     ESTABLISHED 226228/sshd: foo  

After the change:

tcp        0      0 127.0.0.1:22      127.0.0.1:40222     ESTABLISHED 5266/sshd-session:

netstat has a -W/--wide flag, but it has no impact on the width of the
proctitle info added by the -p flag.

So I created https://sourceforge.net/p/net-tools/bugs/50/ about either
making the width subject to -W, or simply increasing the #define from 20
to 30; no feedback yet so I don't know how such changes would be
received (that might be my answer).

[ Yes, netstat is old&busted and we should all be using ss, except
  ss's -p flag pulls argv[0] not proctitle, so it's no help. Also the
  process is still owned by root so a simple check like the owner of
  the process or socket doesn't really help either. ]

Does anybody else routinely make use of netstat -antp for this reason,
and miss the utility of it after this change? If so please go chime in
on that discussion, if nothing else you'll motivate me to submit a
patch.

Thanks,

-- 

Hank Leininger <hlein at korelogic.com>
8428 ED14 5268 C727 0C48  F454 846F 0637 5FEB 1612
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20250410/905b3a2d/attachment.asc>