Bug 384

Summary:

OpenSSH should store an SSH_SERVER variable for cluster hosts

Product:

Portable OpenSSH

Reporter:

thomas+openssh

Component:

ssh

Assignee:

OpenSSH Bugzilla mailing list <openssh-bugs>

Status:

CLOSED FIXED

Severity:

enhancement

Priority:

Version:

-current

Hardware:

All

OS:

All

Attachments:

Description	Flags
2 line patch for SSH_SERVER variable with incoming IP & port	none

Description thomas+openssh 2002-08-14 05:41:16 AEST

We run a cluster here with OpenSSH, and have users SSH into various cluster
instance names, each with a virtual IP.

There is no good way to get from OpenSSH the current IP that they have SSH'd
into so we can set their environment up properly. While there is SSH_CLIENT,
there is no SSH_SERVER variable. I think this will be useful for anyone using a
cluster with OpenSSH installed. 

Adding an SSH_SERVER variable was a very trivial 2-line patch, and we've been
using this on our cluster nodes for some months now. I figure now that we are
upgrading to OpenSSH 3.4pl1, we should commit this back so we don't have to
patch it each time we upgrade. I'll attach the tiny patch to this ticket.

Comment 1 thomas+openssh 2002-08-14 05:43:52 AEST

Created attachment 137 [details]
2 line patch for SSH_SERVER variable with incoming IP & port

This patch adds an SSH_SERVER variable as a counterpart to the existing
SSH_CLIENT variable. Instead of storing the client IP & port, it stores the
server IP and port.

Comment 2 Ben Lindstrom 2002-08-21 05:50:44 AEST

Out of interest why can't you just handle this in /etc/profile or at the system 
level in general?  I don't see this as being all that useful of a feature.

- Ben

Comment 3 thomas+openssh 2002-08-21 09:19:07 AEST

Yes, this patch may seem a bit unusual until you take cluster's into account.This extra
environment, SSH_SERVER is used by /etc/profile. Let me give you a real life example:

Sun 4800 Cluster Node "dirac" has several versions of oracle application server running
on it. Each instance has it's own IP, so it can fail over to other nodes as needed. For
instance, if the load on "dirac" is getting too high, the development instance moves to
"curie". Here are some of the instances on "dirac" in this test case:

OADEV 192.168.100.41
OAPRD 192.168.100.42
OATST 192.168.100.43
TADEV 192.168.100.44
BOPRD 192.168.100.45

When a user SSH's to the hostname "OATST", he lands onto "dirac", because that's the
node where the instance currently is. The /etc/profile script needs to know what IP they
ssh'd into, so it knows how to handle the case. It then processes SSH_SERVER:

if [ "$SSH_SERVER" ]; then
ip=`echo $SSH_SERVER | cut -d" " -f1`
target=$ip
else

and then runs through a case statement (if $target matches 192.168.100.43, we want
OATST's environment) to setup the environment correctly for the OATST instance... to
make it less confusing for the end user, you make the prompt say the instance name
OATST instead of the node name, dirac.

When the user then ssh's to OAPRD in another PuTTY window, they end up on dirac
again, but they don't know that. The environment magically becomes OAPRD, and so
does their prompt.

We've got about 30 cluster instances, of various products, on four Sun 4800 nodes. This
small patch was the only clean way I could figure to discover the IP of the connecting
host. I had thought about a complex loop of lsof's, but it would incur a significant login
delay (at least 15 seconds), and would hang should any nfs resources be unavailable.

I just figured since there is an SSH_CLIENT variable, there should be a matching
SSH_SERVER variable, especially for us folks relying on OpenSSH in HA environments.

Comment 4 Kevin Steves 2002-09-13 05:54:27 AEST

add SSH_CONNECTION and deprecate SSH_CLIENT

Comment 5 Damien Miller 2004-04-14 12:24:18 AEST

Mass change of RESOLVED bugs to CLOSED