Browsers don't care about aborted transactions. Generally speaking a plain http/https request isn't seen as a potential attack. On Feb 27, 2018 8:27 PM, "Peter Stuge" <peter@xxxxxxxx> wrote: Wolfgang S Rupprecht wrote: > Simplest would be to never abort the extra happy eyeballs before > actually logging in or the normal ssh connection timeout. 1. What do dualstack browsers do when the second connection opens? 2. ssh could complete authentication on the second connection and then immediately close the connection - but this would trigger many side effects on the server, and be a nuisance at the very least; consider when a server requires token interaction to login, and having a sliding window with some limited number of logins per day. I personally don't really want the client to open multiple connections when I only specicy one server. //Peter _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev