Steffen Nurpmeso
2016-Sep-09 13:15 UTC
fyi: agent forwarding fails (with enabled ControlMaster) after time shift on client
Hello. Yes, i think that was the cause why agent forwarding wasn't performed at all, i had to rm(1) the control socket and the next ssh(1) connection forwarded the agent normally again. (It was a huge timeshift by several hours.) I.e., just in case this is something you didn't have on your radar yet. Ciao. --steffen
Damien Miller
2016-Sep-11 04:18 UTC
fyi: agent forwarding fails (with enabled ControlMaster) after time shift on client
On Fri, 9 Sep 2016, Steffen Nurpmeso wrote:> Hello. > > Yes, i think that was the cause why agent forwarding wasn't > performed at all, i had to rm(1) the control socket and the next > ssh(1) connection forwarded the agent normally again. (It was > a huge timeshift by several hours.) I.e., just in case this is > something you didn't have on your radar yet.Do you know whether the agent was still running or if it has terminated? Did you load your keys with a timeout set? -d
Steffen Nurpmeso
2016-Sep-12 11:06 UTC
fyi: agent forwarding fails (with enabled ControlMaster) after time shift on client
Good morning and happy Monday. Damien Miller <djm at mindrot.org> wrote: |On Fri, 9 Sep 2016, Steffen Nurpmeso wrote: |> Yes, i think that was the cause why agent forwarding wasn't |> performed at all, i had to rm(1) the control socket and the next |> ssh(1) connection forwarded the agent normally again. (It was |> a huge timeshift by several hours.) I.e., just in case this is |> something you didn't have on your radar yet. | |Do you know whether the agent was still running or if it has terminated? It is running from Monday to Saturday (supervising a terminal multiplexer, from within which everything happens (and itself supervised by ssh session without agent forwarding, on hardware)). |Did you load your keys with a timeout set? No. The only timeouts i have are ControlPersist, RekeyLimit, and ServerAliveInterval. The server is default AlpineLinux less some access methods, with only one KexAlgorithm and set ClientAlive*. --steffen