Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Dev
Keeping or stopping TCP forwardings when the foreground process quits?
philipp at marek
Sep 7, 2021, 2:06 AM
Post #1 of 5 (482 views)
Permalink
Hi,

In my ~/.ssh/config I've got a few hosts with

ControlMaster auto

(for performance reasons, they're higher latency and
cutting down reconnect time helps a lot).


Now I started a TCP delay via the usual

ssh user@host -L port:IP:port

and when I no longer needed it, I quit the interactive shell.


But the TCP forwards still worked - of course,
as the ControlMaster process was still active!


What I'd like to ask/discuss is -- perhaps the TCP forwarding should
(optionally, by default) be bound to the interactive SSH process -
and when that one quits, the forwarding is stopped?

(When running with -f, SSH runs in the background anyway.)


Or is that a bad idea?

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Keeping or stopping TCP forwardings when the foreground process quits? [ In reply to ]
peter at stuge
Sep 7, 2021, 5:52 AM
Post #2 of 5 (482 views)
Permalink
Hi,

Philipp Marek wrote:
> But the TCP forwards still worked - of course,
> as the ControlMaster process was still active!
>
> What I'd like to ask/discuss is -- perhaps the TCP forwarding should
> (optionally, by default) be bound to the interactive SSH process -
> and when that one quits, the forwarding is stopped?

I'd also like such behavior, but I don't know if the session owner
(the Master process) can reliably tell when a Slave process exits?

A first step might be to enable Slave processes to not only add but
also remove previously established channels?


//Peter
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Keeping or stopping TCP forwardings when the foreground process quits? [ In reply to ]
naddy at mips
Sep 7, 2021, 7:17 AM
Post #3 of 5 (482 views)
Permalink
Peter Stuge:

> A first step might be to enable Slave processes to not only add but
> also remove previously established channels?

That is already available with "-O cancel".

--
Christian "naddy" Weisgerber naddy@mips.inka.de
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Keeping or stopping TCP forwardings when the foreground process quits? [ In reply to ]
ssh at raf
Sep 7, 2021, 6:10 PM
Post #4 of 5 (482 views)
Permalink
On Tue, Sep 07, 2021 at 12:52:01PM +0000, Peter Stuge <peter@stuge.se> wrote:

> Hi,
>
> Philipp Marek wrote:
> > But the TCP forwards still worked - of course,
> > as the ControlMaster process was still active!
> >
> > What I'd like to ask/discuss is -- perhaps the TCP forwarding should
> > (optionally, by default) be bound to the interactive SSH process -
> > and when that one quits, the forwarding is stopped?
>
> I'd also like such behavior, but I don't know if the session owner
> (the Master process) can reliably tell when a Slave process exits?
>
> A first step might be to enable Slave processes to not only add but
> also remove previously established channels?
>
> //Peter

Perhaps, when explicitly doing forwarding, you could
add "-o ControlMaster=no" to the command line (or alias
or script). If I understand correctly, that should work
now, without any changes to ssh.

cheers,
raf

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Keeping or stopping TCP forwardings when the foreground process quits? [ In reply to ]
philipp at marek
Sep 7, 2021, 11:31 PM
Post #5 of 5 (482 views)
Permalink
>> I'd also like such behavior, but I don't know if the session owner
>> (the Master process) can reliably tell when a Slave process exits?

This is easy, because the Slave process is connected to the Master
process
via a socket. When that gets closed, the Slave is gone (or vice versa ;)


>> A first step might be to enable Slave processes to not only add but
>> also remove previously established channels?
> Perhaps, when explicitly doing forwarding, you could
> add "-o ControlMaster=no" to the command line (or alias
> or script). If I understand correctly, that should work
> now, without any changes to ssh.

Yes, of course.
If I remember that I've configured ControlMaster on that connection,
and that SSH will then use the Master for that,
I might also remember that.

(Although that partly defeats the ControlMaster setting -
connect latency, re-authorization, another TCP channel, ...)


I'd hope for some setting (in future versions of SSH) that says
"when a slave process is gone, remove its port forwardings as well".
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal