Re: openssh refuses to close if open stderr/stdout/stdin

From: Nico Kadel-Garcia (nkadel@bellatlantic.net)
Date: 04/23/02 

From: "Nico Kadel-Garcia" <nkadel@bellatlantic.net>
Date: Tue, 23 Apr 2002 03:24:07 GMT

"Bill Unruh" <unruh@string.physics.ubc.ca> wrote in message
news:aa1iln$inh$1@nntp.itservices.ubc.ca...
> Open ssh has changed the default in that it will refuse to close if
> there are any programs which still have open ports (eg stderr, stdout,
> stdin) through the link. This is a change in the procedures, and is a
> real real pain in the but, since a lot of programs are badly written and
> leave one of those ports dangling even if put into the background. This
> hangs the closing of ssh.
>
> Is there some variable I can set or some configuration I can do to get
> the old behaviour back again. It would be OK if it warned me about open
> ports, but it should then tell me which programs, and I should be able
> to shut the ssh link anyway if I want to.
>
> The current behaviour is terrible.

But it was important. If you closed the programs immediately, they might
leave interesting dangling jobs running that would be a problem later, or
have problems with wanting to send something important to stdout and stderr
that was unsafe not to cope with.

You've got a couple of user level options.

    1: Redirect stdin/stdout/stderr to /dev/null when needed.
    2: Run "screen" for interactive sessions, which will allow you to type
"exit" and leave the session alive until the shell terminates, but detach
from the screen process.

Relevant Pages

  • Re: RSH from Unix to VMS does not work
    ... two ports (if memory serves, one for stdout, one for stderr). ... ssh instead - everything goes through one port and it's more secure in ...
    (comp.os.vms)
  • Re: sshd brute force attempts?
    ... I think you misunderstood what I meant by public service, or maybe it wasn't clear: By a public service I mean a service available for anyone, even anonymously: You're not going to register the world to let people send mail to your server, require authentication to send mail from your server). ... If this is stored on a usb-stick the user carries with him, or only on systems that require local authentication first, then I think you're better off than password based ssh. ... Cracklib is in ports and easy to build -- FreeBSD could use a) an option in make.conf to prevent passwd from getting built on a buildworld and b) the patched passwd/yppasswd tree in ports. ... I don't assume that level of savvy. ...
    (freebsd-questions)
  • Re: Prot Forwarding
    ... Al's SSH method would be the best. ... configure the remote control programs to use different ports on each ... that let you configure the ports in use. ... > Personally I use a Secure Shell tunnel to access multiple XP Pro ...
    (microsoft.public.windowsxp.network_web)
  • Re: hacked?
    ... So I ssh'd in and did a netstat and saw what looked like an unwanted SSH connection... ... On the local host type nmap -sV localhost -p 1-65535 to see what ports respond and which apps/services. ...
    (comp.os.linux.misc)
  • Re: [SLE] Security, ssh/vpn into a network
    ... "My server is running several services, ... outside are http and ssh. ... Again, ports 5900 is not open to the outside, neither is any of the ... not being forwarded on the firewall but through the ssh tunnel. ...
    (SuSE)