Has anyone checked to make sure that this won't upset sshguard? [1] Offhand, it looks like it will [2][3]. [1] https://www.sshguard.net/ [2] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-9 [3] https://bitbucket.org/sshguard/sshguard/src/2ed7e0aee18b7271daab92d5335c14e04bb2cc89/src/parser/attacks.txt?at=master&fileviewer=file-view-default#attacks.txt-10 On Sun, Feb 25, 2018 at 2:16 AM, Matthieu Herrb <matthieu@xxxxxxxx> wrote: > On Fri, Feb 23, 2018 at 12:32:38PM +0000, Kim Minh Kaplan wrote: >> Hello, >> >> I use hosts that are dual stack configured (IPv4 and IPv6) and it >> happens that connectivity through one or the other is broken and >> timeouts. In these case connection to the SSH server can take quite some >> time as ssh waits for the first address to timeout before trying the >> next. >> >> So I gave a stab at implementing RFC 8305. This patch implements part of >> it in sshconnect.c. >> >> * It does not do section 3 (initiation of asynchronous DNS queries, a >> SHOULD). >> * It does not do section 4 (sorting of resolved destination >> addresses). That means it does not do the RFC 6724 address sort >> which is a MUST. The order is still the one from getaddrinfo(3). >> * It implements section 5 (initiation of asynchronous connection >> attempts). It paces the connection attempts 250 milliseconds appart >> as recommended. Once a connection attempt succeeds it cancels all >> other initiated connections and ignores addresses not yet used. >> * It does not implement RFC 8305 for channels.c, that is port >> forwardings do not use it. >> > > Hi, > > I like this. As I'm also running with dual stack machines both at work > and at home, and have sometimes issues with one of the stacks. > > I'm running with this on my OpenBSD machines now. No problem noticed > so far. > -- > Matthieu Herrb > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev