ssh -g has no effect if master socket already open

Bug #1259939 reported by Ken Sharp
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
portable OpenSSH
Confirmed
Low
openssh (Debian)
Fix Released
Unknown
openssh (Ubuntu)
Confirmed
Low
Unassigned

Bug Description

From the man page:
 -g Allows remote hosts to connect to local forwarded ports.

When working with a control socket, this works fine if -g is included with the initial connect attempt, for example:

$ cat ~/.ssh/config
Host *
ControlMaster auto
ControlPath ~/.ssh/%r@%h:%p

$ ssh -gTfNL 12345:localhost:12345 host
$ netstat -tln

tcp 0 0 0.0.0.0:12345 0.0.0.0:* LISTEN -

$ lsof -n

ssh 182446 user 3u IPv4 76397177 0t0 TCP 192.168.0.9:51181->192.168.0.15:ssh (ESTABLISHED)
ssh 182446 user 4u IPv4 76397181 0t0 TCP *:3128 (LISTEN)
ssh 182446 user 5u IPv6 76397182 0t0 TCP *:3128 (LISTEN)

and similarly:

$ ssh -g host
user@host:~$ exit
$ ssh -gTfNL 12345:localhost:12345 host
$ netstat -tln

tcp 0 0 0.0.0.0:12345 0.0.0.0:* LISTEN -

However, if it isn't then -g is ignored on subsequent attempts to forward ports:

$ ssh host
user@host:~$ exit
$ ssh -g -L 12345:localhost:12345 host
$ netstat -tln

tcp 0 0 127.0.0.1:12345 0.0.0.0:* LISTEN -

$ lsof -n

ssh 182399 user 3u IPv4 76390396 0t0 TCP 192.168.0.9:51178->192.168.0.15:ssh (ESTABLISHED)
ssh 182399 user 4u unix 0x0000000000000000 0t0 76390976 /home/user/.ssh/user@host
ssh 182399 user 6u IPv6 76392394 0t0 TCP [::1]:3128 (LISTEN)
ssh 182399 user 7u IPv4 76392395 0t0 TCP 127.0.0.1:3128 (LISTEN)

This doesn't really make sense: ssh should still be capable of binding to the correct address as requested.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: ssh (not installed)
ProcVersionSignature: Ubuntu 3.8.0-33.48~precise1-generic 3.8.13.11
Uname: Linux 3.8.0-33-generic i686
ApportVersion: 2.0.1-0ubuntu17.6
Architecture: i386
Date: Tue Dec 10 12:59:33 2013
InstallationMedia: Ubuntu-Server 12.04.1 LTS "Precise Pangolin" - Release i386 (20120817.3)
MarkForUpload: True
ProcEnviron:
 LANGUAGE=en_GB:en
 TERM=xterm
 PATH=(custom, no user)
 LANG=en_GB.UTF-8
 SHELL=/bin/bash
SourcePackage: openssh
UpgradeStatus: No upgrade log present (probably fresh install)

Ken Sharp (kennybobs)
summary: - ssh -g has no effect is master socket already open
+ ssh -g has no effect if master socket already open
Revision history for this message
Ken Sharp (kennybobs) wrote :

Same in Trusty and Debian Testing.

tags: added: amd64 trusty
Revision history for this message
In , Imwellcushtymelike (imwellcushtymelike) wrote :

From the man page:
 -g Allows remote hosts to connect to local forwarded ports.

When working with a control socket, this works fine if -g is included with the initial connect attempt, for example:

$ cat ~/.ssh/config
Host *
ControlMaster auto
ControlPath ~/.ssh/%r@%h:%p

$ ssh -gTfNL 12345:localhost:12345 host
$ netstat -tln

tcp 0 0 0.0.0.0:12345 0.0.0.0:* LISTEN -

$ lsof -n

ssh 182446 user 3u IPv4 76397177 0t0 TCP 192.168.0.9:51181->192.168.0.15:ssh (ESTABLISHED)
ssh 182446 user 4u IPv4 76397181 0t0 TCP *:3128 (LISTEN)
ssh 182446 user 5u IPv6 76397182 0t0 TCP *:3128 (LISTEN)

and similarly:

$ ssh -g host
user@host:~$ exit
$ ssh -gTfNL 12345:localhost:12345 host
$ netstat -tln

tcp 0 0 0.0.0.0:12345 0.0.0.0:* LISTEN -

However, if it isn't then -g is ignored on subsequent attempts to forward ports:

$ ssh host
user@host:~$ exit
$ ssh -g -L 12345:localhost:12345 host
$ netstat -tln

tcp 0 0 127.0.0.1:12345 0.0.0.0:* LISTEN -

$ lsof -n

ssh 182399 user 3u IPv4 76390396 0t0 TCP 192.168.0.9:51178->192.168.0.15:ssh (ESTABLISHED)
ssh 182399 user 4u unix 0x0000000000000000 0t0 76390976 /home/user/.ssh/user@host
ssh 182399 user 6u IPv6 76392394 0t0 TCP [::1]:3128 (LISTEN)
ssh 182399 user 7u IPv4 76392395 0t0 TCP 127.0.0.1:3128 (LISTEN)

This doesn't really make sense: ssh should still be capable of binding to the correct address as requested.

From:
https://bugs.launchpad.net/debian/+source/openssh/+bug/1259939
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731950

Changed in openssh (Debian):
status: Unknown → Confirmed
Changed in openssh:
importance: Unknown → Low
status: Unknown → Confirmed
Changed in openssh (Ubuntu):
importance: Undecided → Low
status: New → Confirmed
Changed in openssh (Debian):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.