bugzilla-daemon at mindrot.org
2006-Oct-12 23:53 UTC
[Bug 1250] sshd client connections persist across IP change
http://bugzilla.mindrot.org/show_bug.cgi?id=1250
Summary: sshd client connections persist across IP change
Product: Portable OpenSSH
Version: 4.3p2
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: trivial
Priority: P4
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: openssh.mindrot.org at neo-neural.net
On a default build using Debian 3.1r3, OpenSSH 4.3p2, on a system with
multiple NICs installed:
1. connect to sshd server via IP with eth0 up (all other interfaces
down)
2. bring down eth0 from console, bring up eth1 on a different IP in
same subnet
3. observe initial sshd connection as still active and working
The client was PuTTY 0.58, for posterity. No DNS or hosts entries
existed for the server. sshd_config is default, listening on all
available IPs.
This is more of a feature than a bug, I suppose, but while I can't yet
imagine how someone could exploit this improperly, it certainly wasn't
expected behaviour (which was for the client connection to die
eventually).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Oct-13 00:34 UTC
[Bug 1250] sshd client connections persist across IP change
http://bugzilla.mindrot.org/show_bug.cgi?id=1250
------- Comment #1 from dtucker at zip.com.au 2006-10-13 10:34 -------
If you run "netstat -n" do you see the TCP connections with the old or
new local IP address? I suspect that the IP address is still
configured on eth0 and the kernel is still processing the connections
(as long as the client routes the packets to the server) and that if
you unconfigure the IP ("ifconfig eth0 inet 0.0.0.0") it will stop
working.
Either way, having a TCP connection behave this way is a bug/feature of
the OS...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.