Bug 30327
| Summary: | openssh-server-2.5.1p1-2.i386.rpm doesn't include IPv6 support | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Jim Phillips <jphillips> | ||||
| Component: | openssh | Assignee: | Nalin Dahyabhai <nalin> | ||||
| Status: | CLOSED RAWHIDE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | 7.1 | CC: | pekkas | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | i386 | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2001-04-14 20:51:21 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Jim Phillips
2001-03-02 16:40:48 UTC
Some support is compiled in, but Linux glibc (at least until recently, not sure if this is still the case) doesn't handle the situation where you can use both too gracefully, so it has to be compiled with --with-ipv4-default. You can still start sshd with '-6' option, but then it can't handle IPv4. Leaving out --with-ipv4-default creates some grief for IPv4-only users. Personally, I'd like to be able to bind sshd to both ipv4 and ipv6. Perhaps in the interrim (until compiling without --with-ipv4-default becomes a viable option), we can just modify the init.d script to detect if NETWORKING_IPV6="yes" and if so, include the -6 switch? That seems a simple enough workaround. A problem is that '-6' uses _only_ IPv6, not both.. :-/ Have you actually verified that? When I was playing around w/ IPv6 on fisher, I had a single instance of sshd running that was listening on port 22 of both v4 and v6 stacks. If memory serves, I had the -6 switch and the ListenAddress :: line uncommented. I could be mistaken on how I did it, but I know I did it. Another option, however would be to have the init script start two instances of sshd, one w/ the -6 switch, one w/o. If you comment out _all_ ListenAddress lines, and start sshd with 'sshd -4 -6', it appears to work. This is a bug, but it works ;-) Actually, you don't need to comment out anything, plain 'sshd -4 -6' will also work. /etc/sysconfig/sshd option processing should be added, like how it has been done with syslogd, bind, etc. for the upcoming release. Bah. I'm sure ;-) I got it to work for a moment, but now it refuses to do that. Oh well.. I've encountered this with other daemons too, now. I believe kernel has to be patched for this to work. In USAGI kernel, the keyword is "CONFIG_IPV6_DOUBLE_BIND". .. but including /etc/sysconfig/sshd might be a way to get around the problem for a short while. I'm able to enable openssh for IPv6 rather easily with the attached patch by adding: OPTIONS="-6" to /etc/sysconfig/sshd. IPv4 connections originate from IPv4-mapped addresses, but that's no problem. Note: you must build sshd against update tcp_wrappers to be able to use this effectively (see: #35648). Updated openssh and tcp_wrappers packages are available at http://www.netcore.fi/pekkas/linux/ipv6/ Created attachment 15365 [details]
common method for providing options for init.d scripts
All the required hooks are in place in Rawhide openssh-2.9p1-2. Thanks! (Naturally, OpenSSH must be rebuilt against tcp_wrappers which supports IPv6, also in Rawhide, to be effective but this will happen sooner or later so no sweat) |