Re: Debian and IPV6
As you suspected, when started with the -- -6 option, sshd does
not listen for ipv4 traffic on port 22. When I try to connect
with ssh -4, the sshd negotiates a -6 connection anyway. I
suppose this makes since, since declaring -- -6 says to operate
ONLY in IPV6. What I need is for the daemon to listen for both
protocols. Does anyone know if it is possible? Does it require
a recompile or special configure flag when installing?
Thanks for any help.
Regards,
Russ
On Sun, 29 Dec 2002, Mark Zimmerman wrote:
> On Sun, Dec 29, 2002 at 09:41:49AM -0600, Russ Cook wrote:
> > Mark,
> > Thanks for the reply. I tried your suggestion of adding the -- -6
> > option to the start-stop-daemon lines in /etc/init.d/ssh. I then
> > tried to connect to the host with ssh and ssh -6. Both attempts succeded,
> > as shown in the subsequent netstat -A inet6 -an
> >
> > Script started on Sun Dec 29 09:38:04 2002
> > p90:/home/russ# netstat -A inet6 -an
> > Active Internet connections (servers and established)
> > Proto Recv-Q Send-Q Local Address Foreign Address State
> > tcp 0 0 :::80 :::* LISTEN
> > tcp 0 0 :::22 :::* LISTEN
> > tcp 0 0 ::ffff:192.168.1.1:22 ::ffff:192.168.1.2:3238 ESTABLISHED
> > tcp 0 0 3ffe:b80:1853:1:250::22 3ffe:b80:1853:1:25:3239 ESTABLISHED
> > p90:/home/russ# exit
> >
> > Script done on Sun Dec 29 09:38:19 2002
> >
> > It represents my IPv4 connection with a IPv6 style address, however.
> > Does this imply that both connections are actually ip6 connections?
> >
>
> Yes. Addresses like this are a feature of IPv6. I suspect what is
> happening is this:
>
> 1. ssh tries to connect with IPv4 and fails because the server is not
> listening on that port.
> 2. ssh builds the hybrid address, tries that, and succeeds.
>
> To verify that sshd is not listening on IPv4, substitute inet for
> inet6 in your netstat command and look for port 22.
>
> > Would you mind sending me the sample lines from your sshd_config file
> > where you configured two listening lines with explicit addresses?
> >
>
> ListenAddress 192.168.132.16
> ListenAddress fec0::a00:20ff:fe0c:81ca
>
> -- Mark
>
Reply to: