X-Recipient: archive-cygwin@delorie.com DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 53E8A386EC3A DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1708038915; bh=LNgwZDcyshh6ps35EfSZbWJ/KlAYzLrCqE4mfdbkq44=; h=Date:To:Subject:In-Reply-To:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=va8AdknDpXL+QrK73CIoXlsegIY6IZ0q1lUtGLWLzfBs71svKr0kaFsFXL5Is90X0 IeVdLHs2XmOqa32hNcxIbTrg0iHCaYKGn/6RtwuvDwlz4mpk+IpedeDz82y+Ds9INl IGrrjenIkjvs9iJQKFCTliqmBmAeO+pEoCpU8mAQ= X-Original-To: cygwin@cygwin.com Delivered-To: cygwin@cygwin.com DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 6A298386D635 ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 6A298386D635 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708038862; cv=none; b=P8B2vBjnwDGC84WK1tJPYSDtvMjhK5pq5fWymfFwtrkM63Eq11JrM0qQzbys/XpAi2YzUAW2s7EKvGkD1qPxNMg5ua+A/FeOqalNzVKe0m/WfSvnRigxl/6gA7EsddjVx9a25KRqMOJf/4KmF3GUmxe6A7Mcf2YAGuNpF6mVWCw= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708038862; c=relaxed/simple; bh=T1YYH7Y7kCaGCDuMjKLRrcvfIUV1O/XdHWLCNcUtu7w=; h=DKIM-Signature:MIME-Version:Message-ID:Date:To:Subject:From; b=G6O0fj0+jApQ0fDsZX24shStt8vGn+jkfsn0/QLvBqKjmW1hmgiogmaFGbTK9Tq7z6ea3AkRRe7rFktYrbztrmwDsqlaJWkEGrapdy5TAKG1isyaqOyxfqrmXUsNeHYm1ahW5B6lC/+fhwhcO3dHNJi9rN5zeIOKHohHPjbHmdM= ARC-Authentication-Results: i=1; server2.sourceware.org X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_EF, HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Score: 1.1 MIME-Version: 1.0 Message-ID: <0100018daf0ca73d-8a187774-4cd0-4450-b8b3-58d6f562596d-000000@email.amazonses.com> Date: Thu, 15 Feb 2024 23:14:18 +0000 To: cygwin@cygwin.com Subject: Re: ssh over stunnel hangs on second connection In-Reply-To: X-Mailer: VM 8.2.0b under 25.2.2 (x86_64-pc-linux-gnu) X-Virus-Scanned: ClamAV using ClamSMTP Feedback-ID: 1.us-east-1.Zao4ZYFkcQIqFUKHPFqcIUzSz0SUuTXbgFyfdyEho8U=:AmazonSES X-SES-Outgoing: 2024.02.15-54.240.8.73 X-BeenThere: cygwin@cygwin.com X-Mailman-Version: 2.1.30 Precedence: list List-Id: General Cygwin discussions and problem reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: cygwin--- via Cygwin Reply-To: cygwin@kosowsky.org Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: cygwin-bounces+archive-cygwin=delorie.com@cygwin.com Sender: "Cygwin" Here is some more strangeness: 1. (As before) - ssh first time -> succeeds - logout - ssh again -> hangs 2. Another sequence - SESSION 1: ssh first time -> succeeds - SESSION 2: ssh second time -> succeeds (without logging out session 1) - ... - SESSION N: ssh n'th time -> succeeds (without logging out any of the previous ones - logout of any of the first N-sessions - SESSION N+1: ssh -> FAILS - SESSION N+2: ssh -> FAILS - ... So it seems like logging out of an 'ssh over stunnel' session somehow causes 'stunnel' to hang on any succeeding sessions "" wrote at about 14:23:30 -0500 on Thursday, February 15, 2024: > I am using Cygwin stunnel 5.71 on Windows 11 to connect to 'ssh' into my Ubuntu > server over 'stunnel'. > > - The first time I ssh via stunnel it works fine The second time, I > - try to connect, it hangs with 'ssh -v' showing only the initial > local steps of connection: > > OpenSSH_9.5p1, OpenSSL 3.0.12 24 Oct 2023 > debug1: Reading configuration data /home/myuser/.ssh/config > debug1: Reading configuration data /etc/ssh_config > debug1: Connecting to localhost [::1] port 2222. > debug1: Connection established. > debug1: identity file /home/myuser/.ssh/id_rsa type 0 > debug1: identity file /home/myuser/.ssh/id_rsa-cert type -1 > debug1: identity file /home/myuser/.ssh/id_ecdsa type -1 > debug1: identity file /home/myuser/.ssh/id_ecdsa-cert type -1 > debug1: identity file /home/myuser/.ssh/id_ecdsa_sk type -1 > debug1: identity file /home/myuser/.ssh/id_ecdsa_sk-cert type -1 > debug1: identity file /home/myuser/.ssh/id_ed25519 type -1 > debug1: identity file /home/myuser/.ssh/id_ed25519-cert type -1 > debug1: identity file /home/myuser/.ssh/id_ed25519_sk type -1 > debug1: identity file /home/myuser/.ssh/id_ed25519_sk-cert type -1 > debug1: identity file /home/myuser/.ssh/id_xmss type -1 > debug1: identity file /home/myuser/.ssh/id_xmss-cert type -1 > debug1: identity file /home/myuser/.ssh/id_dsa type -1 > debug1: identity file /home/myuser/.ssh/id_dsa-cert type -1 > debug1: Local version string SSH-2.0-OpenSSH_9.5 > > and '/var/log/stunnel' on the Cygwin client failing early: > > LOG7[main]: Found 1 ready file descriptor(s) > LOG7[main]: FD=4 events=0x1 revents=0x0 > LOG7[main]: FD=8 events=0x1 revents=0x1 > LOG7[main]: FD=10 events=0x1 revents=0x0 > LOG7[main]: Service [ssh] accepted (FD=3) from ::1:52718 > > > - If I connect a *third* (or more times), 'ssh -v' hangs with the same > output as above, but there is *no* additional logging in > '/var/log/stunnel' on the client. > > > It thus is acting as if 'stunnel' on the Cygwin client itself somehow > hangs/becomes unresponsive early in the second 'ssh' connection > attempt. > > Note that the client '/usr/bin/stunnel/ process continues to run so it > doesn't crash. > > Killing and relaunching /usr/bin/stunnel restarts the situation > allowing me to ssh-over-stunel OK on the first attempt but again > hanging on the 2nd and subsequent 'ssh' attempts > > Also, the 'stunnel' server on Ubuntu continues to run throughout since > I can continue to ssh-over-stunnel into it from other machines. > > It doesn't *seem* to be a firewall problem, since it connects fine the > first time. Nor does it seem to be a network or 'stunnel' server > problem. > > Any ideas on why this is happening? > -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple