Bug 1250 (FWman) - sshd client connections persist across IP change
Summary: sshd client connections persist across IP change
Status: CLOSED INVALID
Alias: FWman
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: 4.3p2
Hardware: ix86 Linux
: P4 trivial
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-10-13 09:53 AEST by openssh.mindrot.org
Modified: 2008-04-04 09:56 AEDT (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description openssh.mindrot.org 2006-10-13 09:53:27 AEST 
On a default build using Debian 3.1r3, OpenSSH 4.3p2, on a system with multiple NICs installed:

1. connect to sshd server via IP with eth0 up (all other interfaces down)
2. bring down eth0 from console, bring up eth1 on a different IP in same subnet
3. observe initial sshd connection as still active and working

The client was PuTTY 0.58, for posterity. No DNS or hosts entries existed for the server. sshd_config is default, listening on all available IPs.

This is more of a feature than a bug, I suppose, but while I can't yet imagine how someone could exploit this improperly, it certainly wasn't expected behaviour (which was for the client connection to die eventually).
Comment 1 Darren Tucker 2006-10-13 10:34:42 AEST 
If you run "netstat -n" do you see the TCP connections with the old or new local IP address?  I suspect that the IP address is still configured on eth0 and the kernel is still processing the connections (as long as the client routes the packets to the server) and that if you unconfigure the IP ("ifconfig eth0 inet 0.0.0.0") it will stop working.

Either way, having a TCP connection behave this way is a bug/feature of the OS...
Comment 2 Damien Miller 2007-01-22 16:53:43 AEDT 
Kernel IP routing behaviour is not an OpenSSH bug
Comment 3 Damien Miller 2008-04-04 09:56:47 AEDT 
Close resolved bugs after release.