ssh fails when using -p flag
Originator: | webdeck | ||
Number: | rdar://FB7641404 | Date Originated: | 2020-04-26 |
Status: | Open | Resolved: | |
Product: | macos | Product Version: | 10.15.4 |
Classification: | Reproducible: |
/usr/bin/ssh in macos 10.15.4 hangs if used with the -p flag to specify an alternate port and used with a hostname. This was not present in macos 10.15.3 For example, assuming hostname is a valid hostname, 1.2.3.4 is its corresponding IP address, and on the target hostname, ssh is running on both the default port 22 and a second port, 8822: The following work as expected: ssh hostname ssh 1.2.3.4 ssh -p 8822 1.2.3.4 However, this will hang forever until interrupted: ssh -p 8822 hostname Furthermore, it doesn't matter what port or hostname you use, as long as it isn't a numeric IP address. For example, all of these will hang as well: ssh -p 8888 hostname ssh -p 8822 hostname-that-does-not-exist In contrast, using an invalid port with a numeric IP address gives the expected error: ssh -p 8888 1.2.3.4 ssh: connect to host 1.2.3.4 port 8888: Connection refused And using an invalid hostname without the -p switch also gives the expected error: ssh hostname-that-does-not-exist ssh: Could not resolve hostname hostname-that-does-not-exist: nodename nor servname provided, or not known Using maximum verbosity doesn't give any clues, and max debugging on the sshd target host shows no connection is ever initiated: ssh -vvv -p 8822 hostname OpenSSH_8.1p1, LibreSSL 2.7.3 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 47: Applying options for * debug1: Connecting to hostname port 8822. netstat shows no connection attempt being made
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Confirmed - disabling Automatic Proxy Configuration allows ssh to work properly again. I have updated my Apple bug report with this information - thank you, mfelliott, for identifying that!
Hmm. I can't replicate this on my work Mac.
% ssh -vvv -p 8822 hostname OpenSSH_8.1p1, LibreSSL 2.7.3 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 47: Applying options for * debug1: Connecting to hostname port 8822. ssh: Could not resolve hostname hostname: nodename nor servname provided, or not known
% sw_vers ProductName: Mac OS X ProductVersion: 10.15.4 BuildVersion: 19E266
We do have a DNS proxy in place for work stuff via Umbrella.
On a personal Mac running the same OS I have the same behavior. No errors. I did notice that the DNS lookup that pops in and out of
nettop
is an IPv6 one.In my case, tuning off my Automatic Proxy Configuration with PAC file stops this weird behavior. Even running with a completely empty .pac file causes this issue.