Re: ssh and ipv6

To: "Jeremy T. Bouse" <Jeremy.Bouse@UnderGrid.net>
Cc: debian-ipv6@lists.debian.org
Subject: Re: ssh and ipv6
From: Matthew Vernon <matthew@sel.cam.ac.uk>
Date: Tue, 3 Jul 2001 10:24:31 +0100 (BST)
Message-id: <[🔎] 15169.36687.538406.818341@rapun.sel.cam.ac.uk>
In-reply-to: <[🔎] 20010702212625.A14293@UnderGrid.net>
References: <[🔎] Pine.SOL.3.96.1010703030257.1173A-100000@libra.cus.cam.ac.uk> <[🔎] 20010702212625.A14293@UnderGrid.net>

Jeremy T. Bouse writes:

 > 	Again I'll take a look at the bug reports in between trying to get
 > my bugs clear'd against my packages and let you know personally my findings
 > related to them...

Thanks. I'm thinking of #82468, #95576 and co - I include the text of
the bug report I filed, for reference:

ssh-ing to this system from elsewhere (with Xforwarding disabled,
causes the ssh  session to die, and drop the following to syslog:

(for reference, this is in get_sock_port in canohost.c)

get_sock_port: getnameinfo NI_NUMERICSERV failed

Strace shows this is getting error -6 back (EAI_FAMILY), which is
address family not recognised, or the address length was invalid for
the specified family.

This is because sshd is using IPV6 addresses, and so gets an IPV6
address back from getpeername(), which it then immediatly passes to
get_sock_port, which returns EAI_FAMILY (i.e. it can't deal with
IPV6), and sshd then dies.

passing the -4 option to sshd fixes this (forcing the use of IPV4
address), but this is clearly a workaround, not a solution.

Matthew

-- 
Rapun.sel - outermost outpost of the Pick Empire
http://www.pick.ucam.org

Reply to:

Follow-Ups:
- Re: ssh and ipv6
  - From: Anand Kumria <wildfire@progsoc.uts.edu.au>

References:
- ssh and ipv6
  - From: "M.C. Vernon" <mcv21@cus.cam.ac.uk>
- Re: ssh and ipv6
  - From: "Jeremy T. Bouse" <Jeremy.Bouse@UnderGrid.net>

Prev by Date: Re: ssh and ipv6
Next by Date: Re: ssh and ipv6
Previous by thread: Re: ssh and ipv6
Next by thread: Re: ssh and ipv6
Index(es):
- Date
- Thread