Bug 30327 - openssh-server-2.5.1p1-2.i386.rpm doesn't include IPv6 support
openssh-server-2.5.1p1-2.i386.rpm doesn't include IPv6 support
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
7.1
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2001-03-02 11:40 EST by Jim Phillips
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2001-04-14 16:51:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
common method for providing options for init.d scripts (470 bytes, patch)
2001-04-14 16:51 EDT, Pekka Savola
no flags Details | Diff

  None (edit)
Description Jim Phillips 2001-03-02 11:40:48 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux 2.4.1-0.1.14 i686; en-US; 0.8)
Gecko/20010217


When I try to allow sshd to bind to listen on IPv6 by uncommenting
ListenAddress ::
I get the error
fatal: bad addr or host: :: (Address family for hostname not supported)

Reproducible: Always
Steps to Reproduce:
1.  Install Wolverine w/ openssh and openssh-server packages
2.  Install openssh-server-2.5.1p1-2.i386.rpm via up2date
3.  Uncomment the ListenAddress :: line in /etc/sshd_config
4.  run /etc/rc.d/init.d/sshd start
	

Actual Results:  I get the error fatal: bad addr or host: :: (Address
family for hostname not supported)

Expected Results:  sshd should start and bind to both IPv4 and IPv6 stacks.

Wolverine is RedHat's first real IPv6 ready distribution.  As such, all
applications within Wolverine that CAN support IPv6 should be compiled with
that support turned on.
Comment 1 Pekka Savola 2001-03-03 14:39:00 EST
Some support is compiled in, but Linux glibc (at least until recently, not sure if this is still the case) 
doesn't handle the situation where you can use both too gracefully, so it has to be compiled with --with-ipv4-default.

You can still start sshd with '-6' option, but then it can't handle IPv4.

Leaving out --with-ipv4-default creates some grief for IPv4-only users.  

Personally, I'd like to be able to bind sshd to both ipv4 and ipv6.

Comment 2 Jim Phillips 2001-03-04 12:37:21 EST
Perhaps in the interrim (until compiling without --with-ipv4-default becomes a
viable option), we can just modify the init.d script to detect if
NETWORKING_IPV6="yes" and if so, include the -6 switch?  That seems a simple
enough workaround.
Comment 3 Pekka Savola 2001-03-04 19:15:07 EST
A problem is that '-6' uses _only_ IPv6, not both.. :-/
Comment 4 Jim Phillips 2001-03-05 00:53:36 EST
Have you actually verified that?  When I was playing around w/ IPv6 on fisher, I
had a single instance of sshd running that was listening on port 22 of both v4
and v6 stacks.  If memory serves, I had the -6 switch and the ListenAddress ::
line uncommented.  I could be mistaken on how I did it, but I know I did it. 
Another option, however would be to have the init script start two instances of
sshd, one w/ the -6 switch, one w/o.
Comment 5 Pekka Savola 2001-03-05 02:54:17 EST
If you comment out _all_ ListenAddress lines, and start sshd with 'sshd -4 -6', it appears to work.

This is a bug, but it works ;-)
Comment 6 Pekka Savola 2001-03-05 03:04:28 EST
Actually, you don't need to comment out anything, plain 'sshd -4 -6'
will also work.

/etc/sysconfig/sshd option processing should be added, like
how it has been done with syslogd, bind, etc. for the upcoming
release.
Comment 7 Pekka Savola 2001-03-05 03:07:32 EST
Bah.  I'm sure ;-) I got it to work for a moment, but now it refuses to
do that.  Oh well..
Comment 8 Pekka Savola 2001-03-11 10:41:30 EST
I've encountered this with other daemons too, now.  I believe kernel has to be patched for this to work.

In USAGI kernel, the keyword is "CONFIG_IPV6_DOUBLE_BIND".

.. but including /etc/sysconfig/sshd might be a way to get around the problem for a short while.
Comment 9 Pekka Savola 2001-04-14 16:50:31 EDT
I'm able to enable openssh for IPv6 rather easily with the attached patch by adding:

OPTIONS="-6"

to /etc/sysconfig/sshd.  IPv4 connections originate from IPv4-mapped addresses, but that's no problem.

Note: you must build sshd against update tcp_wrappers to be able to use this effectively (see: #35648).

Updated openssh and tcp_wrappers packages are available at http://www.netcore.fi/pekkas/linux/ipv6/
Comment 10 Pekka Savola 2001-04-14 16:51:17 EDT
Created attachment 15365 [details]
common method for providing options for init.d scripts
Comment 11 Pekka Savola 2001-05-11 16:44:31 EDT
All the required hooks are in place in Rawhide openssh-2.9p1-2.  Thanks!
Comment 12 Pekka Savola 2001-05-11 16:45:58 EDT
(Naturally, OpenSSH must be rebuilt against tcp_wrappers which supports IPv6, also in Rawhide, to be effective
but this will happen sooner or later so no sweat)


Note You need to log in before you can comment on or make changes to this bug.