GNU bug report logs - #36364
Potential SSH session exhaustion

Previous Next

Full log

Message #11 received at 36364 <at> debbugs.gnu.org (full text, mbox):

From: zerodaysfordays <at> sdf.lonestar.org (Jakob L. Kreuze)
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 36364 <at> debbugs.gnu.org
Subject: Re: bug#36364: Potential SSH session exhaustion
Date: Mon, 24 Jun 2019 19:28:28 -0400

[Message part 1 (text/plain, inline)]

Hi,

Ludovic Courtès <ludo <at> gnu.org> writes:

> Procedures like ‘send-files’ call ‘channel-get-exit-status’ and
> ‘close-port’ on ports that represent SSH channels.
>
> AFAICS, ‘close-port’ triggers a call of ‘ptob_close’ in Guile-SSH,
> which in turn calls ‘ssh_channel_close’.
>
> sshd_config(5) says:
>
>    MaxSessions Specifies the maximum number of open shell, login or subsystem
> (e.g. sftp) sessions permitted per network connection. Multiple sessions may be
> established by clients that support connection multiplexing. Setting MaxSessions
> to 1 will effectively disable session multiplexing, whereas setting it to 0 will
> prevent all shell, login and subsystem sessions while still permitting
> forwarding. The default is 10.
>
> So you must be hitting this limit.

Ah, thank you for the corrections :)

> I see that ‘remote-eval’ does not close ‘remote’ though, so this
> channel port remains open until it’s GC’d, which happens too late.
> Could you try the attached patch? It allows me to do more than 10
> ‘remote-eval’ calls in a row.

Wow, that was quick. The patch works like a charm, thanks!

Regards,
Jakob

[signature.asc (application/pgp-signature, inline)]

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.