Re: Problemes with ControlPersist

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

Am Mo den 14. Mär 2011 um 20:34 schrieb Joachim Schipper:
> > 1. When I use ControlPersist in combination with ProxyCommand to reach a
> > other host over that proxy I get the following message:
> > Bad packet length 1397966893.
> > Disconnecting: Paket corrupt
> >
> > When I fist ssh to the proxy, close the connection (that persists in
> > background) and ssh to the target everything works well.
>
> I use this in .ssh/config, and it works for me (and has been working for
> a long time):
>
> Host *
> CheckHostIP yes
> ControlMaster auto
> ControlPath ~/.ssh/mux-%r@%h:%p
> ControlPersist 3m
> HashKnownHosts yes
> NoHostAuthenticationForLocalhost yes
> Protocol 2
>
> Host ssh.cwi.nl
> ProxyCommand none
> StrictHostKeyChecking yes
>
> Host *.cwi.nl
> User schipper
> ProxyCommand ssh ssh.cwi.nl netcat %h %p

've like the same. Just the newer syntax for ProxyCommand:
   Host *.sourceforge.net
      User XXX
      ForwardAgent no

   Host tschil-*
      ProxyCommand ssh -q -W %h:%p tschil

   Host XXXXX.XXX.ch
      ForwardAgent no
      ForwardX11 no
      BatchMode yes
      ProxyCommand ssh -q -W %h:%p XXXXXXXXX

   Host Manyhosts
      ProxyCommand ssh -q -W %h:%p XXXXX.XXX.ch

   Host Otherhosts
      ProxyCommand ssh -q -W %h:%p XXXXXXXXX

   Host *
      Protocol 2
      CheckHostIP no
      Cipher blowfish
      Ciphers blowfish-cbc
      VisualHostKey yes
      HashKnownHosts no
      ControlPath /home/klaus/.ssh/%r@%h:%p.sock
      ControlMaster auto
      ControlPersist 300
      ForwardX11 yes
      ForwardAgent yes

All works well when I comment out the ControlPersist line. And all
worked well since long time. But The ControlPersist breaks it as I told
above. Even the double proxy worked well and do without the
ControlPersist line.

> This is on OpenBSD-current (OpenSSH_5.8, OpenSSL 1.0.0a 1 Jun 2010).
> What are you connecting to what, and does it really say _Paket_ corrupt?

Sure. It was cut and paste.

> > 2. When I use cvs over ssh and use ControlPersist and ProxyCommand every
> > ssh command will block at the end for exact the time I specify in
> > ControlPersist. (Note that I have to start the proxy first like I
> > described in the first issue.)
>
> That's a known issue with certain programs (including e.g. Subversion,
> IIRC), but I don't recall how to fix it. Sorry.

I think the problems have something common. Maybe its the same.

Regards
   Klaus
- --
Klaus Ethgen http://www.ethgen.ch/
pub 2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE EA 40 30 57 3C 88 26 2B
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBTX50H5+OKpjRpO3lAQpVJwf/dYZ1/5CiKJcCkwLiMuhEzLRc2/32wAIu
24C/jXrahFwMAKJXMk9lYXwtSI56Apj+cUqCO6zz4bomX3IONGLJoT5AGI842vfe
gRU4vfub4HbTtyJYQpDLYdYv7mbkZ2n84xH+w88BujX2NzCbjjm2jICjQOggzztw
AlFu41teC98T//xLM3PvWP1Je9hvJx3mGACzit0jqV+6DsMMU7l2QgGw8rPso4rS
IivccxU/9j/HChSkP8alwtcxqgoc9oWabC4GRYOLJVelHx2D7qFDSe+MDcYdaXuO
Koi8QMjIjhBfzxcjvrW/YgbWu2689yjsc5NhGJECK2AcRKgYHMriLA==
=Q+Bi
-----END PGP SIGNATURE-----
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

• This message: [ Message body ]
• Next message: Joachim Schipper: "Re: ssh -W/ControlPersist bug (was: Problemes with ControlPersist)"
• Previous message: Joachim Schipper: "Re: Problemes with ControlPersist"
• In reply to: Joachim Schipper: "Re: Problemes with ControlPersist"
• Next in thread: Joachim Schipper: "Re: ssh -W/ControlPersist bug (was: Problemes with ControlPersist)"
• Reply: Joachim Schipper: "Re: ssh -W/ControlPersist bug (was: Problemes with ControlPersist)"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]