Hi, after installing the new openssh package, the ipv6 module is suddenly loaded. And from time to time I find those warnings: Dec 6 11:47:06 listrac sshd[3195]: Accepted rsa for ROOT from 134.245.252.95 port 913 Dec 6 11:47:06 listrac kernel: IPv6 v0.8 for NET4.0 Dec 6 11:47:06 listrac kernel: IPv6 over IPv4 tunneling driver Dec 6 11:47:06 listrac sshd[3205]: Accepted rsa for ROOT from 134.245.252.95 port 702 Dec 6 11:47:26 listrac kernel: eth0: no IPv6 routers present Dec 6 11:47:27 listrac kernel: eth0: no IPv6 routers present I'm using the latest 2.2.16 kernel from 7.0 on a SuSE 6.4 system and never explicitely changed any settings to activate ipv6. Should openssh load the ipv6? What's it needed for in this context? And why do I get the error messages about the non-existent routers? Sorry if this is maybe not a security issue, but as it seems to be caused by the new openssh, I first ask here :-) Best regards, Frank -- Dipl.-Inform. Frank Steiner mailto:fst@informatik.uni-kiel.de Lehrstuhl f. Programmiersprachen mailto:fsteiner@web.de CAU Kiel, Olshausenstraße 40 Phone: +49 431 880-7265, Fax: -7613 D-24098 Kiel, Germany http://www.informatik.uni-kiel.de/~fst/
Hello Frank,
Hi,
after installing the new openssh package, the ipv6 module is suddenly loaded. And from time to time I find those warnings:
Dec 6 11:47:06 listrac sshd[3195]: Accepted rsa for ROOT from 134.245.252.95 port 913 Dec 6 11:47:06 listrac kernel: IPv6 v0.8 for NET4.0 Dec 6 11:47:06 listrac kernel: IPv6 over IPv4 tunneling driver Dec 6 11:47:06 listrac sshd[3205]: Accepted rsa for ROOT from 134.245.252.95 port 702 Dec 6 11:47:26 listrac kernel: eth0: no IPv6 routers present Dec 6 11:47:27 listrac kernel: eth0: no IPv6 routers present
I'm using the latest 2.2.16 kernel from 7.0 on a SuSE 6.4 system and never explicitely changed any settings to activate ipv6.
Should openssh load the ipv6? What's it needed for in this context? And why do I get the error messages about the non-existent routers?
Sorry if this is maybe not a security issue, but as it seems to be caused by the new openssh, I first ask here :-)
Best regards, Frank
That openssh package keeps bugging us (need a rebuild again). I've waisted
some minutes yesterday to see the reason why that thing nukes the
connection very soon after establishment. It turned out to be a problem
with binding to the ipv6 socket. In other words, openssh claims to be able
to do ipv6, but there are many problems with that (the kernel code is
subject to heavy changes from 2.2 -> 2.4).
Workaround:
See /etc/ssh/sshd_config and look at the lines
#ListenAddress 0.0.0.0
#ListenAddress ::
Uncomment the first one but leave the second commented out, and it works.
Unfortunately, you can't unload the ipv6 kernel module any more once it's
loaded. Workaround for this:
$ grep net-pf-10 /etc/modules.conf
#alias net-pf-10 ipv6
alias net-pf-10 off
$
Thanks,
Roman.
--
- -
| Roman Drahtmüller
participants (2)
-
Frank Steiner
-
Roman Drahtmueller