From owner-freebsd-security  Thu Jan  3 11: 4:10 2002
Delivered-To: freebsd-security@freebsd.org
Received: from lariat.org (lariat.org [12.23.109.2])
	by hub.freebsd.org (Postfix) with ESMTP
	id 03A9237B419; Thu,  3 Jan 2002 11:04:07 -0800 (PST)
Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2])
	by lariat.org (8.9.3/8.9.3) with ESMTP id MAA27138;
	Thu, 3 Jan 2002 12:03:53 -0700 (MST)
Message-Id: <4.3.2.7.2.20020103120003.0297d820@localhost>
X-Sender: brett@localhost
X-Mailer: QUALCOMM Windows Eudora Version 4.3.2
Date: Thu, 03 Jan 2002 12:03:37 -0700
To: Robert Watson <rwatson@FreeBSD.ORG>,
	John Hay <jhay@icomtek.csir.co.za>
From: Brett Glass <brett@lariat.org>
Subject: Re: openssh version
Cc: cjclark@alum.mit.edu, Randy Bush <randy@psg.com>,
	freebsd-security@FreeBSD.ORG
In-Reply-To: <Pine.NEB.3.96L.1020101123222.14067C-100000@fledge.watson.o
 rg>
References: <200201010631.g016Va856231@zibbi.icomtek.csir.co.za>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

At 10:36 AM 1/1/2002, Robert Watson wrote:

>I've run into a related problem with SSH forwarding that occurs when a
>forwarded TCP connection takes a while to connect.  The problem is that
>apparently the OpenSSH sshd we ship discards data sent over a forwarded
>connection before all parts are completed.  If you're using forwarding
>connecting to a server with high latency, and on a client-driven protocol,
>you may lose some content on the connection.

You may also lose the connection. With older versions of OpenSSH, I frequently
see the client complain of a "truncated packet" (SSH has its own internal
packetized protocol) and drop the session. Sometimes this is just a minor
inconvenience -- for example, if I'm doing POP over the forwarded port I
sometimes find that the mail client becomes confused and/or does not filter
incoming messages properly. It's a bigger concern if I'm doing administration
and am cut off in midstream.

--Brett


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message