03 May 2005

tiger ssh hang bug



for some peculiar reason, the openssh that ships with tiger hangs for a minute when trying to connect to a remote host. it is most certainly stuck doing some DNS lookup, as running it verbose-verbose-verbose mode hangs for a minute at:


debug1: Remote protocol version 2.0, remote software version OpenSSH_4.0

debug1: match: OpenSSH_4.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1
debug3: Trying to reverse map address xxx.xxx.xxx.xx.


i've tried doing all sorts of things, like running it through gdb, etc, and nailed it down to some weird interaction with kerberos/gssapi as it seems to stall inside that function. but trying everything i could, i still couldn't get it to give up on gssapi.


so i ran tcpdump to check out what it was actually trying to look up, and to my surprise, it is actually some rendezvous/bonjour bullshit that is hanging the process:



192.168.9.3.49312 > xxx.xxx.org.ssh: S 1748956853:1748956853(0)
xxx.xxx.org.ssh > 192.168.9.3.49312: S 953993813:953993813(0) ack 1748956854
192.168.9.3.49312 > xxx.xxx.org.ssh: . ack 1
xxx.xxx.org.ssh > 192.168.9.3.49312: P 1:49(48) ack 1
192.168.9.3.49312 > xxx.xxx.org.ssh: P 1:25(24) ack 49
192.168.9.3.49310 > teh.intraweb.domain: 46195+ SRV? _telnet._tcp.xxx.xxx.org. (49)

as you can see, it's looking doing service discovery using _telnet._tcp.xxx.xxx.org, which is a zeroconf thing. why it is doing that and hanging while doing that, i have no idea. i haven't found anyone reporting similar problems so far, so it must be something dodgy on my side, but i still haven't found anything so far that points to me mucking about with system files.


right now, my workaround is to install ssh using fink which is working fine. grr..



You can reply to me about this on Twitter: