Debian Bug report logs - #731950
ssh -g has no effect if master socket already open

version graph

Package: openssh-client; Maintainer for openssh-client is Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>; Source for openssh-client is src:openssh (PTS, buildd, popcon).

Reported by: Ken Sharp <imwellcushtymelike@googlemail.com>

Date: Wed, 11 Dec 2013 15:09:02 UTC

Severity: normal

Tags: fixed-upstream

Found in versions openssh/1:6.4p1-1, openssh/1:5.9p1-5

Done: Ken Sharp <imwellcushtymelike@googlemail.com>

Bug is archived. No further changes may be made.

Forwarded to https://bugzilla.mindrot.org/show_bug.cgi?id=2183

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#731950; Package openssh-client. (Wed, 11 Dec 2013 15:09:06 GMT) (full text, mbox, link).


Acknowledgement sent to Ken Sharp <imwellcushtymelike@googlemail.com>:
New Bug report received and forwarded. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>. (Wed, 11 Dec 2013 15:09:06 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Ken Sharp <imwellcushtymelike@googlemail.com>
To: submit@bugs.debian.org
Subject: ssh -g has no effect if master socket already open
Date: Wed, 11 Dec 2013 15:05:18 +0000
Package: openssh-client
Version: 1:5.9p1-5
Control: found -1 1:6.4p1-1

From the man page:
 -g      Allows remote hosts to connect to local forwarded ports.

When working with a control socket, this works fine if -g is included 
with the initial connect attempt, for example:

$ cat ~/.ssh/config
Host *
ControlMaster		auto
ControlPath		~/.ssh/%r@%h:%p

$ ssh -gTfNL 12345:localhost:12345 host
$ netstat -tln

tcp        0      0 0.0.0.0:12345             0.0.0.0:* 
LISTEN      -

$ lsof -n

ssh       182446        user    3u     IPv4           76397177       0t0 
     TCP 192.168.0.9:51181->192.168.0.15:ssh (ESTABLISHED)
ssh       182446        user    4u     IPv4           76397181       0t0 
     TCP *:3128 (LISTEN)
ssh       182446        user    5u     IPv6           76397182       0t0 
     TCP *:3128 (LISTEN)

and similarly:

$ ssh -g host
user@host:~$ exit
$ ssh -gTfNL 12345:localhost:12345 host
$ netstat -tln

tcp        0      0 0.0.0.0:12345             0.0.0.0:* 
LISTEN      -

However, if it isn't then -g is ignored on subsequent attempts to 
forward ports:

$ ssh host
user@host:~$ exit
$ ssh -g -L 12345:localhost:12345 host
$ netstat -tln

tcp        0      0 127.0.0.1:12345             0.0.0.0:* 
LISTEN      -

$ lsof -n

ssh       182399        user    3u     IPv4           76390396       0t0 
     TCP 192.168.0.9:51178->192.168.0.15:ssh (ESTABLISHED)
ssh       182399        user    4u     unix 0x0000000000000000       0t0 
76390976 /home/user/.ssh/user@host
ssh       182399        user    6u     IPv6           76392394       0t0 
     TCP [::1]:3128 (LISTEN)
ssh       182399        user    7u     IPv4           76392395       0t0 
     TCP 127.0.0.1:3128 (LISTEN)

This doesn't really make sense: ssh should still be capable of binding 
to the correct address as requested.

Originally reported:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1259939



Marked as found in versions openssh/1:6.4p1-1. Request was from Ken Sharp <imwellcushtymelike@googlemail.com> to submit@bugs.debian.org. (Wed, 11 Dec 2013 15:09:06 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#731950; Package openssh-client. (Wed, 11 Dec 2013 15:42:04 GMT) (full text, mbox, link).


Acknowledgement sent to Ken Sharp <imwellcushtymelike@googlemail.com>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>.

Your message did not contain a Subject field. They are recommended and useful because the title of a $gBug is determined using this field. Please remember to include a Subject field in your messages in future.

(Wed, 11 Dec 2013 15:42:04 GMT) (full text, mbox, link).


Message #12 received at 731950@bugs.debian.org (full text, mbox, reply):

From: Ken Sharp <imwellcushtymelike@googlemail.com>
To: 731950@bugs.debian.org
Date: Wed, 11 Dec 2013 15:39:03 +0000
Control: forwarded -1 https://bugzilla.mindrot.org/show_bug.cgi?id=2183

Built upstream source and the behaviour is the same.



Set Bug forwarded-to-address to 'https://bugzilla.mindrot.org/show_bug.cgi?id=2183'. Request was from Ken Sharp <imwellcushtymelike@googlemail.com> to control@bugs.debian.org. (Wed, 11 Dec 2013 15:45:09 GMT) (full text, mbox, link).


Added tag(s) upstream. Request was from Ken Sharp <imwellcushtymelike@googlemail.com> to control@bugs.debian.org. (Wed, 11 Dec 2013 15:45:10 GMT) (full text, mbox, link).


Removed tag(s) upstream. Request was from Ken Sharp <imwellcushtymelike@googlemail.com> to control@bugs.debian.org. (Wed, 11 Dec 2013 15:48:04 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#731950; Package openssh-client. (Wed, 11 Dec 2013 21:33:15 GMT) (full text, mbox, link).


Acknowledgement sent to Russ Allbery <rra@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>. (Wed, 11 Dec 2013 21:33:15 GMT) (full text, mbox, link).


Message #23 received at 731950@bugs.debian.org (full text, mbox, reply):

From: Russ Allbery <rra@debian.org>
To: Ken Sharp <imwellcushtymelike@googlemail.com>
Cc: 731950@bugs.debian.org
Subject: Re: Bug#731950: ssh -g has no effect if master socket already open
Date: Wed, 11 Dec 2013 13:29:03 -0800
Ken Sharp <imwellcushtymelike@googlemail.com> writes:

> However, if it isn't then -g is ignored on subsequent attempts to forward
> ports:

So far as I can tell, this is true for all port forwarding when used with
ControlMaster.  Across the board, it appears that all port forwarding has
to be specified on the original connection and is ignored for subsequent
connections.

I suspect this is inherent in the design.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>



Information forwarded to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#731950; Package openssh-client. (Wed, 11 Dec 2013 21:51:04 GMT) (full text, mbox, link).


Acknowledgement sent to Ken Sharp <imwellcushtymelike@googlemail.com>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>. (Wed, 11 Dec 2013 21:51:04 GMT) (full text, mbox, link).


Message #28 received at 731950@bugs.debian.org (full text, mbox, reply):

From: Ken Sharp <imwellcushtymelike@googlemail.com>
To: Russ Allbery <rra@debian.org>
Cc: 731950@bugs.debian.org
Subject: Re: Bug#731950: ssh -g has no effect if master socket already open
Date: Wed, 11 Dec 2013 21:49:23 +0000
> So far as I can tell, this is true for all port forwarding when used with
> ControlMaster.  Across the board, it appears that all port forwarding has
> to be specified on the original connection and is ignored for subsequent
> connections.

No I can add as many port forwards as I like after the master connection 
is established. All options I have tried are honoured except for -g.



Information forwarded to debian-bugs-dist@lists.debian.org, Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>:
Bug#731950; Package openssh-client. (Wed, 11 Dec 2013 22:00:04 GMT) (full text, mbox, link).


Acknowledgement sent to Russ Allbery <rra@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian OpenSSH Maintainers <debian-ssh@lists.debian.org>. (Wed, 11 Dec 2013 22:00:04 GMT) (full text, mbox, link).


Message #33 received at 731950@bugs.debian.org (full text, mbox, reply):

From: Russ Allbery <rra@debian.org>
To: Ken Sharp <imwellcushtymelike@googlemail.com>
Cc: 731950@bugs.debian.org
Subject: Re: Bug#731950: ssh -g has no effect if master socket already open
Date: Wed, 11 Dec 2013 13:57:48 -0800
Ken Sharp <imwellcushtymelike@googlemail.com> writes:

>> So far as I can tell, this is true for all port forwarding when used
>> with ControlMaster.  Across the board, it appears that all port
>> forwarding has to be specified on the original connection and is
>> ignored for subsequent connections.

> No I can add as many port forwards as I like after the master connection
> is established. All options I have tried are honoured except for -g.

Huh.  This is definitely not my experience.  I'm not sure why it behaves
differently for you.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>



Reply sent to Ken Sharp <imwellcushtymelike@googlemail.com>:
You have taken responsibility. (Fri, 19 Dec 2014 18:48:21 GMT) (full text, mbox, link).


Notification sent to Ken Sharp <imwellcushtymelike@googlemail.com>:
Bug acknowledged by developer. (Fri, 19 Dec 2014 18:48:21 GMT) (full text, mbox, link).


Message #38 received at 731950-done@bugs.debian.org (full text, mbox, reply):

From: Ken Sharp <imwellcushtymelike@googlemail.com>
To: 731950-done@bugs.debian.org
Date: Fri, 19 Dec 2014 18:46:50 +0000
This should be fixed in 6.6 or 6.7 but I can't find it in the changelog. 
It is fixed upstream.



Added tag(s) fixed-upstream. Request was from Ken Sharp <imwellcushtymelike@googlemail.com> to control@bugs.debian.org. (Fri, 02 Jan 2015 07:51:08 GMT) (full text, mbox, link).


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 31 Jan 2015 07:33:51 GMT) (full text, mbox, link).


Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Mar 25 18:54:53 2023; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.