Christian Hesse <list@xxxxxxxx> on Tue, 2015/05/05 09:30: > Damien Miller <djm@xxxxxxxxxxx> on Tue, 2015/05/05 12:36: > > On Mon, 4 May 2015, Christian Hesse wrote: > > > > > Hello everybody, > > > > > > I have systemd set up to listen on ssh socket (:::22), the connection is > > > handled to sshd via socket activation. Usually this works perfectly > > > fine. > > > > > > However the service is checked from nagios. Sometimes the host logs: > > > > > > systemd[1]: Started OpenSSH Per-Connection Daemon ([::1]:60865). > > > systemd[1]: Starting OpenSSH Per-Connection Daemon ([::1]:60865)... > > > systemd[1]: Started OpenSSH Per-Connection Daemon (127.0.0.1:41286). > > > systemd[1]: Starting OpenSSH Per-Connection Daemon (127.0.0.1:41286)... > > > sshd[2854]: Connection closed by ::1 [preauth] > > > sshd[2855]: fatal: ssh_dispatch_run_fatal: Connection reset by peer > > > [preauth] > > > > > > Looks like this happens if we have two incoming connection (::1 and > > > 127.0.0.1 are checked) at the some time. > > > Why does this happen? Who's fault is it? As these are TCP connections I > > > would expect it is not a problem to know what packet belongs to what > > > connection. > > > > You might need to look at server debug output and/or tcpdumps to see > > what is going on here, but it looks like whatever is making the > > connections is gracefully closing one but unceremoniously dropping the > > other. > > > > BTW openssh HEAD has a more useful error message for connections closed > > by TCP reset. > > Tried with HEAD from git master, but I can not reproduce it there... > I will let you know if I can give more information about what is going on. Just bisected the issue... Looks like commit 671eb9676cc78de450e68efae5443a3be649da89 ("refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()") fixes this. Thanks a lot! -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];) putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}
Attachment:
pgpURrVhy5Dc7.pgp
Description: OpenPGP digital signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev