similar to: Security implications of using ControlMaster

On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote: > So IMO disallowing session multiplexing is at most a speedbump that an > attacker will cross with relative ease. Speedbumps make sense sometimes, An attacker getting root on the jumphost gets immediate control of any _current_ persistent connections and new connections. Without ControlMaster it's a _lot_ harder to take

https://bugzilla.mindrot.org/show_bug.cgi?id=2420 Bug ID: 2420 Summary: Race condition regarding ControlPersist and ControlMaster=auto Product: Portable OpenSSH Version: 6.6p1 Hardware: amd64 OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh

http://bugzilla.mindrot.org/show_bug.cgi?id=1330 Summary: RFE: 'ControlPersist' support -- automatically fork and leave ControlMaster behind as a d?mon Product: Portable OpenSSH Version: 4.6p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=2065 Bug ID: 2065 Summary: double confirmation with ssh-add -c and ControlMaster autoask Classification: Unclassified Product: Portable OpenSSH Version: 6.0p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P3

https://bugzilla.mindrot.org/show_bug.cgi?id=1938 Bug #: 1938 Summary: EscapeChar sometimes don't work when using ControlMaster Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2

https://bugzilla.mindrot.org/show_bug.cgi?id=3589 Bug ID: 3589 Summary: ControlMaster auto, persist and -f fail. Product: Portable OpenSSH Version: 9.3p1 Hardware: amd64 OS: Linux Status: NEW Severity: minor Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

https://bugzilla.mindrot.org/show_bug.cgi?id=1917 Darren Tucker <dtucker at zip.com.au> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |dtucker at zip.com.au --- Comment #10 from Darren Tucker <dtucker at zip.com.au> --- Created attachment

https://bugzilla.mindrot.org/show_bug.cgi?id=1917 Bug #: 1917 Summary: Escape sequence (~) doesn't work right with ControlMaster/ControlPersist connections Classification: Unclassified Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal

Hi, It seems there is a problem regarding ControlMaster and scp'ing a file depending on the current working directory: $ cd ~/Personnel $ scp -o ControlMaster=yes cox.jpg host.local: muxserver_listen bind(): No such file or directory lost connection $ scp -o ControlMaster=no cox.jpg host.local: cox.jpg 100% 222KB 222.1KB/s 00:00 $ cd $ scp -o

https://bugzilla.mindrot.org/show_bug.cgi?id=2621 Bug ID: 2621 Summary: ControlMaster started by scp (non-ssh?) doesn't forward agent Product: Portable OpenSSH Version: 7.3p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: Miscellaneous

https://bugzilla.mindrot.org/show_bug.cgi?id=2414 Bug ID: 2414 Summary: ControlMaster directive should be ignored on Cygwin Product: Portable OpenSSH Version: -current Hardware: Other OS: Cygwin on NT/2k Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

https://bugzilla.mindrot.org/show_bug.cgi?id=3610 Bug ID: 3610 Summary: Using ControlPath and the -J option Product: Portable OpenSSH Version: 8.9p1 Hardware: All OS: Linux Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org

Ciao Luca, Luca Filipozzi <lfilipoz at emyr.net> writes: >> [ ... ] > Neat. I do something similar: in order to circumvent obnoxious airport / > coffee shop firewalls that block non-HTTPS traffic, I configured haproxy > to offer 'SSH over HTTPS'. haproxy terminates the HTTPS connection > (which is SNI-aware) while sshd on the target machine terminates the >

http://bugzilla.mindrot.org/show_bug.cgi?id=1349 Summary: race condition with ControlMaster=auto Product: Portable OpenSSH Version: 4.6p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: dot at dotat.at

https://bugzilla.mindrot.org/show_bug.cgi?id=3220 Bug ID: 3220 Summary: Possible bug if ControlMaster + ControlPersist and `-t` Product: Portable OpenSSH Version: 8.4p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh

When I'm running interactive ssh session which is ControlMaster and I run scp or sftp to same host, creating another channel, it seems that ssh is stuffing the packets together exceeding MTU. I've for years ran QoS where I prioritize small packets, as it is clean and easy way to guarantee low latency to pretty much all you care for. Unfortunately ControlMaster packet stuffing breaks this,

On Tue, Jan 21, 2020 at 12:18:52PM +1100, Damien Miller wrote: > I wouldn't say it's a lot harder to take control of current connections - > writing a ptrace-based tool that hijacked a running ssh client and > injected a one-off implant payload via keystrokes doesn't seem like > much work. * Injection of key strokes into an existing channel may be detected just because

https://bugzilla.mindrot.org/show_bug.cgi?id=2000 Bug #: 2000 Summary: when using ssh with ControlMaster/ControlPersist, one may get zombie processes Classification: Unclassified Product: Portable OpenSSH Version: 5.9p1 Platform: All OS/Version: All Status: NEW Severity: major

Hi. Perhaps you can help me with this: What I do is using Nagios (actually Icinga) and having checks on remote hosts executed via ssh. In order to dramatically speed checks up (from about 0,300 ms to 0,010 ms) I use ControlMaster = auto, which also makes the mux process spawned on the first check. As checks are typically sequentially scheduled I want the mux process to persist but it should

https://bugzilla.mindrot.org/show_bug.cgi?id=2000 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |DUPLICATE Status|REOPENED |RESOLVED --- Comment #9 from Damien Miller <djm at