GNU bug report logs -
#55335
openssh-service no longer listens on IPv6
Previous Next
Full log
Message #34 received at 55335 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
Ludovic Courtès <ludo <at> gnu.org> writes:
> Hi,
>
> Christopher Baines <mail <at> cbaines.net> skribis:
>
>> Switching to listing via IPv6 should support IPv4 connections, as Linux is
>> capable of translating IPv4 connections to IPv6. I think there's a risk that
>> switching to this approach will affect some uses of the openssh
>> service. Therefore, this commit makes this a configuration option, which is #f
>> by default.
>
> [...]
>
>> + (make-socket-address #$(if (openssh-listen-via-ipv6? config)
>> + #~AF_INET6
>> + #~AF_INET)
>> + INADDR_ANY
>> #$port-number)
>
> Thinking about it, what do you think is the risk of using AF_INET6
> unconditionally?
I'm assuming that configuration that looks at the IP addresses will be
affected, e.g. things like:
Match Address 127.0.0.*
PubkeyAuthentication yes
But this is just a guess.
> AFAICS it just works. Is there a switch somewhere that might affect
> that behavior?
>
> (I still think that changing ‘make-inetd-constructor’ to accept multiple
> addresses is a better fix longer-term, but if we can have this quick
> fix, that’s great.)
I'm also interested in a quick fix. I'd like to either make the switch
to using AF_INET6 unconditionally, or push the patch I sent for allowing
it to be used through a configuration option.
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 2 years and 359 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.