openssh unix dev - Jun 2002 - just curious

What is the expected behavior wrt ipv6 on Linux?  My brother is trying to
use sshd to bind to things and without '-6' on the commandline, it
doesn't
do any ipv6, even if 'ListenAddress ::' is listed in sshd_config.  Also,
with '-6', it receives ipv4 requests as well.

This behavior is definately different from OpenBSD .. all addresses listed
in sshd_config are used, and with none listed, it defaults to
'0.0.0.0' and '::' .. the '-6' limits connections to
ipv6 only.

Thanks,
-- 
Todd Fries .. todd at fries.net

(last updated $ToddFries: signature.p,v 1.2 2002/03/19 15:10:18 todd Exp $)

On Thu, 13 Jun 2002, Todd T. Fries wrote:
> What is the expected behavior wrt ipv6 on Linux?  My brother is trying to
> use sshd to bind to things and without '-6' on the commandline, it
doesn't
> do any ipv6, even if 'ListenAddress ::' is listed in sshd_config. 
Also,
> with '-6', it receives ipv4 requests as well.
> 
> This behavior is definately different from OpenBSD .. all addresses listed
> in sshd_config are used, and with none listed, it defaults to
> '0.0.0.0' and '::' .. the '-6' limits connections
to ipv6 only.
Compile OpenSSH without '--with-ipv4-default', and there is no need for 
'-6'.

Linux, complying with the spec (but insecure in some respects), accepts
IPv4 connections through mapped addresses on '::'.  In some versions,
this
can be prevented by using IPV6_V6ONLY setsockopt.  OpenBSD does do mapped
addresses at all.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords