Displaying 20 results from an estimated 6000 matches similar to: "Security implications of using ControlMaster"
2020 Jan 21
2
Security implications of using ControlMaster
On Tue, Jan 21, 2020 at 11:08:51AM +1100, Damien Miller wrote:
> So IMO disallowing session multiplexing is at most a speedbump that an
> attacker will cross with relative ease. Speedbumps make sense sometimes,
An attacker getting root on the jumphost gets immediate control of
any _current_ persistent connections and new connections. Without
ControlMaster it's a _lot_ harder to take
2015 Jul 03
6
[Bug 2420] New: Race condition regarding ControlPersist and ControlMaster=auto
https://bugzilla.mindrot.org/show_bug.cgi?id=2420
Bug ID: 2420
Summary: Race condition regarding ControlPersist and
ControlMaster=auto
Product: Portable OpenSSH
Version: 6.6p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
2007 Jul 05
36
[Bug 1330] New: RFE: 'ControlPersist' support -- automatically fork and leave ControlMaster behind as a dæmon
http://bugzilla.mindrot.org/show_bug.cgi?id=1330
Summary: RFE: 'ControlPersist' support -- automatically fork and
leave ControlMaster behind as a d?mon
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component:
2013 Jan 29
2
[Bug 2065] New: double confirmation with ssh-add -c and ControlMaster autoask
https://bugzilla.mindrot.org/show_bug.cgi?id=2065
Bug ID: 2065
Summary: double confirmation with ssh-add -c and ControlMaster
autoask
Classification: Unclassified
Product: Portable OpenSSH
Version: 6.0p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P3
2011 Sep 19
2
[Bug 1938] New: EscapeChar sometimes don't work when using ControlMaster
https://bugzilla.mindrot.org/show_bug.cgi?id=1938
Bug #: 1938
Summary: EscapeChar sometimes don't work when using
ControlMaster
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
2023 Jul 19
9
[Bug 3589] New: ControlMaster auto, persist and -f fail.
https://bugzilla.mindrot.org/show_bug.cgi?id=3589
Bug ID: 3589
Summary: ControlMaster auto, persist and -f fail.
Product: Portable OpenSSH
Version: 9.3p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2013 Jun 06
5
[Bug 1917] Escape sequence (~) doesn't work right with ControlMaster/ControlPersist connections
https://bugzilla.mindrot.org/show_bug.cgi?id=1917
Darren Tucker <dtucker at zip.com.au> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |dtucker at zip.com.au
--- Comment #10 from Darren Tucker <dtucker at zip.com.au> ---
Created attachment
[Bug 1917] New: Escape sequence (~) doesn't work right with ControlMaster/ControlPersist connections
2011 Jul 04
10
[Bug 1917] New: Escape sequence (~) doesn't work right with ControlMaster/ControlPersist connections
https://bugzilla.mindrot.org/show_bug.cgi?id=1917
Bug #: 1917
Summary: Escape sequence (~) doesn't work right with
ControlMaster/ControlPersist connections
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
2012 May 31
1
ControlMaster, scp and current working directory
Hi,
It seems there is a problem regarding ControlMaster and scp'ing a file
depending on the current working directory:
$ cd ~/Personnel
$ scp -o ControlMaster=yes cox.jpg host.local:
muxserver_listen bind(): No such file or directory
lost connection
$ scp -o ControlMaster=no cox.jpg host.local:
cox.jpg 100% 222KB 222.1KB/s 00:00
$ cd
$ scp -o
2016 Oct 04
8
[Bug 2621] New: ControlMaster started by scp (non-ssh?) doesn't forward agent
https://bugzilla.mindrot.org/show_bug.cgi?id=2621
Bug ID: 2621
Summary: ControlMaster started by scp (non-ssh?) doesn't
forward agent
Product: Portable OpenSSH
Version: 7.3p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: Miscellaneous
2015 Jun 17
5
[Bug 2414] New: ControlMaster directive should be ignored on Cygwin
https://bugzilla.mindrot.org/show_bug.cgi?id=2414
Bug ID: 2414
Summary: ControlMaster directive should be ignored on Cygwin
Product: Portable OpenSSH
Version: -current
Hardware: Other
OS: Cygwin on NT/2k
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee:
2023 Aug 31
6
[Bug 3610] New: Using ControlPath and the -J option
https://bugzilla.mindrot.org/show_bug.cgi?id=3610
Bug ID: 3610
Summary: Using ControlPath and the -J option
Product: Portable OpenSSH
Version: 8.9p1
Hardware: All
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
2020 Jan 13
3
Adding SNI support to SSH
Ciao Luca,
Luca Filipozzi <lfilipoz at emyr.net> writes:
>> [ ... ]
> Neat. I do something similar: in order to circumvent obnoxious airport /
> coffee shop firewalls that block non-HTTPS traffic, I configured haproxy
> to offer 'SSH over HTTPS'. haproxy terminates the HTTPS connection
> (which is SNI-aware) while sshd on the target machine terminates the
>
2007 Aug 04
13
[Bug 1349] New: race condition with ControlMaster=auto
http://bugzilla.mindrot.org/show_bug.cgi?id=1349
Summary: race condition with ControlMaster=auto
Product: Portable OpenSSH
Version: 4.6p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy: dot at dotat.at
2009 Oct 04
1
ControlMaster and packet stuffing
When I'm running interactive ssh session which is ControlMaster and I run scp
or sftp to same host, creating another channel, it seems that ssh is stuffing
the packets together exceeding MTU.
I've for years ran QoS where I prioritize small packets, as it is clean and
easy way to guarantee low latency to pretty much all you care for.
Unfortunately ControlMaster packet stuffing breaks this,
2020 Oct 06
5
[Bug 3220] New: Possible bug if ControlMaster + ControlPersist and `-t`
https://bugzilla.mindrot.org/show_bug.cgi?id=3220
Bug ID: 3220
Summary: Possible bug if ControlMaster + ControlPersist and
`-t`
Product: Portable OpenSSH
Version: 8.4p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
2012 Apr 25
4
[Bug 2000] New: when using ssh with ControlMaster/ControlPersist, one may get zombie processes
https://bugzilla.mindrot.org/show_bug.cgi?id=2000
Bug #: 2000
Summary: when using ssh with ControlMaster/ControlPersist, one
may get zombie processes
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.9p1
Platform: All
OS/Version: All
Status: NEW
Severity: major
2020 Jan 21
2
Security implications of using ControlMaster
On Tue, Jan 21, 2020 at 12:18:52PM +1100, Damien Miller wrote:
> I wouldn't say it's a lot harder to take control of current connections -
> writing a ptrace-based tool that hijacked a running ssh client and
> injected a one-off implant payload via keystrokes doesn't seem like
> much work.
* Injection of key strokes into an existing channel may be detected
just because
2012 Apr 09
0
ControlMaster and ControlPersist leads to zombie processes
Hi.
Perhaps you can help me with this:
What I do is using Nagios (actually Icinga) and having checks on remote
hosts executed via ssh.
In order to dramatically speed checks up (from about 0,300 ms to 0,010
ms) I use ControlMaster = auto, which also makes the mux process spawned
on the first check.
As checks are typically sequentially scheduled I want the mux process
to persist but it should
2016 Apr 28
0
[Bug 2000] when using ssh with ControlMaster/ControlPersist, one may get zombie processes
https://bugzilla.mindrot.org/show_bug.cgi?id=2000
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |DUPLICATE
Status|REOPENED |RESOLVED
--- Comment #9 from Damien Miller <djm at