Re: RFC 8305 Happy Eyeballs in OpenSSH

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Browsers don't care about aborted transactions. Generally speaking a plain
http/https request isn't seen as a potential attack.

On Feb 27, 2018 8:27 PM, "Peter Stuge" <peter@xxxxxxxx> wrote:

Wolfgang S Rupprecht wrote:
> Simplest would be to never abort the extra happy eyeballs before
> actually logging in or the normal ssh connection timeout.

1. What do dualstack browsers do when the second connection opens?

2. ssh could complete authentication on the second connection and
then immediately close the connection - but this would trigger many
side effects on the server, and be a nuisance at the very least;
consider when a server requires token interaction to login, and
having a sliding window with some limited number of logins per day.

I personally don't really want the client to open multiple
connections when I only specicy one server.


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux