Description of problem: ssh fails to connect to link local addresses. It appears to fail to recognize them as addresses. This did work at one point in time. Version-Release number of selected component (if applicable): 5.9p1-22.fc17 How reproducible: Every time. Steps to Reproduce: 1. ssh fe80::xxxx:9eff:fe02:xxxx%em0 Actual results: ssh: Could not resolve hostname fe80::3615:9eff:fe02:4094%em0: Address family for hostname not supported Expected results: Logging in to the relevant host using my public key. Additional info: This works just fine: ssh -o 'ProxyCommand nc -6 -X connect %h 22' fe80::xxxx:9eff:fe02:xxx%em0 And it also fails (but slightly differently) when I do this: $ ssh -6 fe80::xxxx:9eff:fe02:xxxx%em0 ssh: Could not resolve hostname fe80::xxxx:9eff:fe02:xxxx%em0: Name or service not known
Another relevant piece of information: $ /sbin/ip link ls 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN mode DEFAULT link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: em0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether xx:xx:4d:6a:xx:xx brd ff:ff:ff:ff:ff:ff So yes, my ethernet card is called em0 on this system.
Also: $ ping6 -c 5 fe80::xxxx:9eff:fe02:xxxx%em0 PING fe80::xxxx:9eff:fe02:xxxx%em0(fe80::xxxx:9eff:fe02:xxxx) 56 data bytes 64 bytes from fe80::xxxx:9eff:fe02:xxxx: icmp_seq=1 ttl=64 time=0.399 ms 64 bytes from fe80::xxxx:9eff:fe02:xxxx: icmp_seq=2 ttl=64 time=0.268 ms 64 bytes from fe80::xxxx:9eff:fe02:xxxx: icmp_seq=3 ttl=64 time=0.273 ms 64 bytes from fe80::xxxx:9eff:fe02:xxxx: icmp_seq=4 ttl=64 time=0.264 ms 64 bytes from fe80::xxxx:9eff:fe02:xxxx: icmp_seq=5 ttl=64 time=0.249 ms --- fe80::xxxx:9eff:fe02:xxxx%em0 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4000ms rtt min/avg/max/mdev = 0.249/0.290/0.399/0.057 ms
My current workaround is something like this in my .ssh/config file: Host foo.local HostName fe80::xxxx:9eff:fe02:xxxx%%em0 ProxyCommand nc -6 -X connect %h %p
I would like to add that ::1 doesn't work
ssh uses getaddrinfo() with hints.ai_flags = AI_V4MAPPED | AI_ADDRCONFIG; if AI_ADDRCONFIG flag is set then getaddrinfo() query for AAAA records only if the node has at least one IPv6 source address configured. Link-local and loopback addresses are intentionally ignored so a system without any other ipv6 other looks like ipv4 only, see http://sourceware.org/bugzilla/show_bug.cgi?id=12377 To make this work you need to set non-link-local ipv6 address for your em0 device. e.g. fc00::1/64 from unique local addresses block: # ssh ::1 ssh: Could not resolve hostname ::1: Address family for hostname not supported # ssh fe80::216:3eff:fefd:1ea2%eth0 ssh: Could not resolve hostname fe80::216:3eff:fefd:1ea2%eth0: Address family for hostname not supported # ip -6 addr add fc00::1/64 dev eth0 # ssh ::1 The authenticity of host '::1 (::1)' can't be established. RSA key fingerprint is 75:14:60:a8:7e:ab:15:14:44:bf:68:b6:53:58:5d:cd. Are you sure you want to continue connecting (yes/no)? ^C # ssh fe80::xxx:fefd:1ea2%eth0 reverse mapping checking getaddrinfo for f17-openssh [fe80::xxx:fefd:1ea2%eth0] failed - POSSIBLE BREAK-IN ATTEMPT! root@fe80::xxx:fefd:1ea2%eth0's password: ^C
Connecting to ipv4 host from ipv6 cause next problem: $ssh -b 2001:0:53aa:64c:3051:fa15:d124:ed3 user.0.1 getaddrinfo: 2001:0:53aa:64c:3051:fa15:d124:ed3: Address family for hostname not supported ssh: connect to host 127.0.0.1 port 22: Success $ # ip -f inet6 addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000 inet6 fe80::225:22ff:fec0:fc31/64 scope link valid_lft forever preferred_lft forever 8: teredo: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qlen 500 inet6 2001:0:53aa:64c:3051:fa15:d124:ed3/32 scope global valid_lft forever preferred_lft forever inet6 fe80::ffff:ffff:ffff/64 scope link valid_lft forever preferred_lft forever How can I resolve this and connect from ipv6 to ipv4