Bug#1069674: openssh-client: multiplexed connections use incorrect DISPLAY etc, but no TOKENS exist to modify the connection socket

Mon, 22 Apr 2024 06:39:13 -0700 

Package: openssh-client
Version: 1:9.2p1-2+deb12u2
Severity: normal


With .ssh/config:

    ControlMaster auto
    ControlPath ~/.ssh/cm_master/%r@%h:%p
    ControlPersist yes

Set up the mux master on host a to host c:

> echo $DISPLAY
:0
> ssh c xterm

xterm fires up on host a.  Kill that

Now, if we arrange for DISPLAY to point to another display (I sshed to
another host b, set DISPLAY=:0, verified xterm opened up on that host,
then sshed back to my original host a), and try to fire up ssh again:

> echo $DISPLAY
localhost:11.0
> ssh c xterm

xterm fires up on host a instead of host b, which was where $DISPLAY
was pointing.

OK, so the muxing protocol isn't smart enough to allow DISPLAY to be
dynamically set (a bit like bug #931187, ssh not properly acting as if
a new connection has been made and handing out /etc/motd properly).
So let's work around it by setting ControlPath according to what
DISPLAY is being asked for.  Hmmmf, there are no appropriate TOKENS.

Perhaps there should be a %D TOKEN value for $DISPLAY?  Or since I'm
sure there's other connection properties that shouldn't be shared
between multiplexed connections, can the protocol be modified to allow
DISPLAY and other values to be properly set per multiplexed
connection?



-- System Information:
Debian Release: 12.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'stable'), (5, 'testing'), (2, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.5.0-0.deb12.4-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages openssh-client depends on:
ii  adduser           3.134
ii  libc6             2.36-9+deb12u4
ii  libedit2          3.1-20221030-2
ii  libfido2-1        1.12.0-2+b1
ii  libgssapi-krb5-2  1.20.1-2+deb12u1
ii  libselinux1       3.4-1+b6
ii  libssl3           3.0.11-1~deb12u2
ii  passwd            1:4.13+dfsg1-1+b1
ii  zlib1g            1:1.2.13.dfsg-1

Versions of packages openssh-client recommends:
ii  xauth  1:1.1.2-1

Versions of packages openssh-client suggests:
ii  keychain      2.8.5-3
pn  libpam-ssh    <none>
pn  monkeysphere  <none>
ii  ssh-askpass   1:1.2.4.1-16

-- Configuration Files:
/etc/ssh/ssh_config changed [not included]

-- no debconf information

Reply via email to