Hello, recently we noticed that the behavior of too long ControlPath sockets changed in OpenSSH 6.7 from non-fatal error to fatal. The change was brought in by the unix-domain socket forwarding [1] and is not completely clear if it is intentional or not. It can be simply reproduced by trying to set up long ControlPath (common in Ansible): ssh -o ControlPath=/var/lib/very-long-installer/.ansible/cp/ansible-ssh-%h-%p-%r -o ControlMaster=yes jenkins.localdomain hostname ControlPath "/var/lib/very-long-installer/.ansible/cp/ansible-ssh-jenkins-localdomain-22-installer.RpqsfHyo1aAYZIg2" too long for Unix domain socket The OpenSSH 6.6p1 successfully falls back to not using MUX (goto disable_mux_master;), but newer versions interpret it as a fatal errors and exit. I understand that I might be late for party and being strict about configuration options is a good thing, but having this functionality backward compatible would be very helpful for existing scripts. Is this intentional change? Can we stick back to the old behavior? [1] https://github.com/Jakuje/openssh-portable/commit/7acefbbc Thanks, -- Jakub Jelen Software Engineer Security Technologies Red Hat
On Wed, May 3, 2017 at 6:27 PM, Jakub Jelen <jjelen at redhat.com> wrote:> [...] > Is this intentional change? Can we stick back to the old behavior? >Leaving aside whether or not it was a deliberate change, it was more than three years ago so complaints now about backward compatibility seem, well, a bit late. -- Darren Tucker (dtucker at zip.com.au) GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new) Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.