/usr/local/bin/mosh broken by recent ssh changes ?

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

/usr/local/bin/mosh broken by recent ssh changes ?

Matthieu Herrb-7
Hi,

on amd64-current on the client side, mosh now fails to connect to
remote hosts :

/usr/local/bin/mosh: Did not find remote IP address (is SSH ProxyCommand disabled?).
Exit 10

The remote host has not changed its configuration (It's an OpenBSD 6.2
machine that I haven't upgraded or rebooted yet).

Apparently there where changes in the way ProxyCommand is handled in
ssh, but it doesn't look like it's now disabled by default.

Did I miss something?

 > From: Damien Miller <[hidden email]>
 > Date: Thu, 15 Nov 2018 23:17:38 -0700 (MST)
 > To: [hidden email]
 > Subject: CVS: cvs.openbsd.org: src
 >
 > CVSROOT:        /cvs
 > Module name:    src
 > Changes by:     [hidden email]     2018/11/15 23:17:38
 >
 > Modified files:
 >         usr.bin/ssh    : sshconnect.c
 >
 > Log message:
 > redirect stderr of ProxyCommands to /dev/null when ssh is started with
 > ControlPersist; based on patch from Steffen Prohaska

--
Matthieu Herrb
 

Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Darren Tucker-3
On Sat, 17 Nov 2018 at 18:29, Matthieu Herrb <[hidden email]> wrote:

> on amd64-current on the client side, mosh now fails to connect to
> remote hosts :
>
> /usr/local/bin/mosh: Did not find remote IP address (is SSH ProxyCommand
> disabled?).
> Exit 10
>

What does the client's ~/.ssh/config look like for that host?

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Matthieu Herrb-7
On Sat, Nov 17, 2018 at 09:47:19PM +1100, Darren Tucker wrote:

> On Sat, 17 Nov 2018 at 18:29, Matthieu Herrb <[hidden email]> wrote:
>
> > on amd64-current on the client side, mosh now fails to connect to
> > remote hosts :
> >
> > /usr/local/bin/mosh: Did not find remote IP address (is SSH ProxyCommand
> > disabled?).
> > Exit 10
> >
>
> What does the client's ~/.ssh/config look like for that host?
>

Nothing special. only host * at the end with
ForwardAgent no
ForwardX11 no


that's probably redundant.


> --
> Darren Tucker (dtucker at dtucker.net)
> GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.

--
Matthieu Herrb

Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Darren Tucker-3
Was able to reproduce and confirmed by bisecting that the "redirect stderr
of ProxyCommands to /dev/null when ssh is started with ControlPersist"
change is where it breaks, but I don't understand what mosh is doing under
the covers that now doesn't work.  Will look further.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Darren Tucker-3
On Sun, 18 Nov 2018 at 09:48, Darren Tucker <[hidden email]> wrote:

> Was able to reproduce and confirmed by bisecting that the "redirect stderr
> of ProxyCommands to /dev/null when ssh is started with ControlPersist"
> change is where it breaks, but I don't understand what mosh is doing under
> the covers that now doesn't work.  Will look further.
>

Not sure if I understand the intent of the change correctly, but to me the
logic looks inverted.

                /*
                 * Stderr is left for non-ControlPersist connections is so
                 * error messages may be printed on the user's terminal.
                 */
                if (debug_flag || !options.control_persist)
                        stderr_null();

If nothing else the control_persist part should probably check if
ControlPath is set too.

You can work around it by setting ControlPersist=yes either in
~/.ssh/config or via mosh's --ssh option.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Darren Tucker-3
On Sun, Nov 18, 2018 at 10:03:20AM +1100, Darren Tucker wrote:

> On Sun, 18 Nov 2018 at 09:48, Darren Tucker <[hidden email]> wrote:
>
> > Was able to reproduce and confirmed by bisecting that the "redirect stderr
> > of ProxyCommands to /dev/null when ssh is started with ControlPersist"
> > change is where it breaks, but I don't understand what mosh is doing under
> > the covers that now doesn't work.  Will look further.
> >
>
> Not sure if I understand the intent of the change correctly, but to me the
> logic looks inverted.
>
>                 /*
>                  * Stderr is left for non-ControlPersist connections is so
>                  * error messages may be printed on the user's terminal.
>                  */
>                 if (debug_flag || !options.control_persist)
>                         stderr_null();
>
> If nothing else the control_persist part should probably check if
> ControlPath is set too.

ok?

diff --git a/sshconnect.c b/sshconnect.c
index a700f467..ed86d0d9 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -163,7 +163,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
  * Stderr is left for non-ControlPersist connections is so
  * error messages may be printed on the user's terminal.
  */
- if (debug_flag || !options.control_persist)
+ if (!debug_flag && options.control_path != NULL &&
+    options.control_persist)
  stderr_null();
 
  argv[0] = shell;
@@ -245,7 +246,8 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
  * Stderr is left for non-ControlPersist connections is so
  * error messages may be printed on the user's terminal.
  */
- if (debug_flag || !options.control_persist)
+ if (!debug_flag && options.control_path != NULL &&
+    options.control_persist)
  stderr_null();
 
  argv[0] = shell;

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Daniel Jakots-3
On Sun, 18 Nov 2018 10:10:30 +1100, Darren Tucker <[hidden email]>
wrote:

> On Sun, Nov 18, 2018 at 10:03:20AM +1100, Darren Tucker wrote:

> You can work around it by setting ControlPersist=yes either in
> ~/.ssh/config or via mosh's --ssh option.


 
> ok?

This diff makes mosh work again, thanks!
(ok danj@ fwiw)

> diff --git a/sshconnect.c b/sshconnect.c
> index a700f467..ed86d0d9 100644
> --- a/sshconnect.c
> +++ b/sshconnect.c
> @@ -163,7 +163,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const
> char *host, u_short port,
>   * Stderr is left for non-ControlPersist connections
> is so
>   * error messages may be printed on the user's
> terminal. */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> +    options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
> @@ -245,7 +246,8 @@ ssh_proxy_connect(struct ssh *ssh, const char
> *host, u_short port,
>   * Stderr is left for non-ControlPersist connections
> is so
>   * error messages may be printed on the user's
> terminal. */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> +    options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
>

Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Damien Miller
In reply to this post by Darren Tucker-3
ok djm

why does mosh depend on the stderr of a proxycommand?

On Sun, 18 Nov 2018, Darren Tucker wrote:

> On Sun, Nov 18, 2018 at 10:03:20AM +1100, Darren Tucker wrote:
> > On Sun, 18 Nov 2018 at 09:48, Darren Tucker <[hidden email]> wrote:
> >
> > > Was able to reproduce and confirmed by bisecting that the "redirect stderr
> > > of ProxyCommands to /dev/null when ssh is started with ControlPersist"
> > > change is where it breaks, but I don't understand what mosh is doing under
> > > the covers that now doesn't work.  Will look further.
> > >
> >
> > Not sure if I understand the intent of the change correctly, but to me the
> > logic looks inverted.
> >
> >                 /*
> >                  * Stderr is left for non-ControlPersist connections is so
> >                  * error messages may be printed on the user's terminal.
> >                  */
> >                 if (debug_flag || !options.control_persist)
> >                         stderr_null();
> >
> > If nothing else the control_persist part should probably check if
> > ControlPath is set too.
>
> ok?
>
> diff --git a/sshconnect.c b/sshconnect.c
> index a700f467..ed86d0d9 100644
> --- a/sshconnect.c
> +++ b/sshconnect.c
> @@ -163,7 +163,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
>   * Stderr is left for non-ControlPersist connections is so
>   * error messages may be printed on the user's terminal.
>   */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> +    options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
> @@ -245,7 +246,8 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
>   * Stderr is left for non-ControlPersist connections is so
>   * error messages may be printed on the user's terminal.
>   */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> +    options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
>
> --
> Darren Tucker (dtucker at dtucker.net)
> GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.
>

Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Darren Tucker-3
On Sun, Nov 18, 2018, 11:04 Damien Miller <[hidden email] wrote:

> ok djm
>
> why does mosh depend on the stderr of a proxycommand?
>

Based on my extensive (ie 5 minute) study of the code, it's turtles all the
way down.  mosh invokes ssh with a proxycommand that invokes mosh again in
a different mode, my guess is so that it can get access to the resolved
hostname, and I further guess is passes that info back via stderr.

>
Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Matthieu Herrb-7
In reply to this post by Darren Tucker-3
On Sun, Nov 18, 2018 at 10:10:30AM +1100, Darren Tucker wrote:

> On Sun, Nov 18, 2018 at 10:03:20AM +1100, Darren Tucker wrote:
> > On Sun, 18 Nov 2018 at 09:48, Darren Tucker <[hidden email]> wrote:
> >
> > > Was able to reproduce and confirmed by bisecting that the "redirect stderr
> > > of ProxyCommands to /dev/null when ssh is started with ControlPersist"
> > > change is where it breaks, but I don't understand what mosh is doing under
> > > the covers that now doesn't work.  Will look further.
> > >
> >
> > Not sure if I understand the intent of the change correctly, but to me the
> > logic looks inverted.
> >
> >                 /*
> >                  * Stderr is left for non-ControlPersist connections is so
> >                  * error messages may be printed on the user's terminal.
> >                  */
> >                 if (debug_flag || !options.control_persist)
> >                         stderr_null();
> >
> > If nothing else the control_persist part should probably check if
> > ControlPath is set too.
>
> ok?

This fixes the issue for me yes.
Thanks.

>
> diff --git a/sshconnect.c b/sshconnect.c
> index a700f467..ed86d0d9 100644
> --- a/sshconnect.c
> +++ b/sshconnect.c
> @@ -163,7 +163,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
>   * Stderr is left for non-ControlPersist connections is so
>   * error messages may be printed on the user's terminal.
>   */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> +    options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
> @@ -245,7 +246,8 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
>   * Stderr is left for non-ControlPersist connections is so
>   * error messages may be printed on the user's terminal.
>   */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> +    options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
>
> --
> Darren Tucker (dtucker at dtucker.net)
> GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
>     Good judgement comes with experience. Unfortunately, the experience
> usually comes from bad judgement.

--
Matthieu Herrb

Reply | Threaded
Open this post in threaded view
|

Re: /usr/local/bin/mosh broken by recent ssh changes ?

Darren Tucker-3
On Sun, 18 Nov 2018 at 19:26, Matthieu Herrb <[hidden email]> wrote:

> This fixes the issue for me yes.
> Thanks.
>

Thanks all, diff has been committed.

--
Darren Tucker (dtucker at dtucker.net)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.