On Fri, Nov 28, 2008 at 01:30:15PM -0600, Denny White spoke thusly: > Just upgraded to 4.4 the other day. Fresh install, then updated > to stable. I have a loopback adapter on the one xp box with a > cygwin bash script that runs on boot & gets installed as a > service. Click Start - Run, type in the ip address and enter > and explorer comes up with my file shares on my OpenBSD box. > Before in 4.3 there were never any error messages. Now I'm > getting this in authlog: > > Nov 28 13:12:28 badboybox sshd[1280]: channel_by_id: 1: bad id: channel > free > Nov 28 13:12:28 badboybox sshd[1280]: channel_input_success_failure: 1: > unknown > > I googled around and saw others having that problem, but everything > I found had to do with linux. Samba was built with the ssl argument. > Did that just for experimentation to see what I could do with it & > learn something new. I'm also running sshd on a high port rather > than on 22 to keep all the script kiddy crap out of the logs. I can > run sshd with the -q switch and stop the error message, but I'm not > really comfortable with that. Anyone has any idea what's causing it, > I'd appreciate any input. I know ssh has moved up to 5.1 in 4.4, and > I thought maybe something that had changed in it was causing the > problem, but what I don't know. Thanks for any help on it. >
Replying to my own message to say problem solved. Don't know what changed in 5.1 or samba, but the error messages can be gotten rid of by adding the following to the ssh command on a windows loopback connector bash script in cygwin & hopefully putty or others if not using cygwin. I don't know since I haven't used putty in a long time. -o TCPKeepAlive=no -o ServerAliveInterval=10 I put 10 since I think sshd checks every 20 seconds or so by default. Anyone correct me if I'm wrong on that. I'd read where the 'no' on the TCPKeepAlive protects against some sort of spoofing. Thought I should explain that since it looks redundant, and very may be with the newer ssh. It wouldn't affect this system anyway, I don't think, since all connections are done using keys rather than passwords. And again, anyone correct me where I'm wrong. Anyway, the error messages are gone. -- Denny White =============================================================== GnuPG key : 0x1644E79A | http://wwwkeys.nl.pgp.net Fingerprint: D0A9 AD44 1F10 E09E 0E67 EC25 CB44 F2E5 1644 E79A ===============================================================
