X-Recipient: archive-cygwin AT delorie DOT com DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 44711385E458 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com; s=default; t=1708199788; bh=H15StVpS+Fjilpn1An4bUXQw2VlAd2QiF27pXykzgWQ=; h=To:Subject:Date:References:List-Id:List-Unsubscribe:List-Archive: List-Post:List-Help:List-Subscribe:From:Reply-To:From; b=hz17TboD+jfB49EY2/cPoxzzstCAMnU69xwCNd74Iy4EKe42DIlsdw2lBgsQwfZaa +BadDgP8jhq2taoJADhpi44z4pxdyp8ueXMYd5bOwq33dIf0PSXQrjnmAoj/aNI+Qb qK5kZdEq69Vno80hJDVE4Nna1G++ntAm/6pClDfA= X-Original-To: cygwin AT cygwin DOT com Delivered-To: cygwin AT cygwin DOT com DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org A4580385E005 ARC-Filter: OpenARC Filter v1.0.0 sourceware.org A4580385E005 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708199768; cv=none; b=p6M7N2N+3qqH0ctOG46LsMUvERVXgCRcr38bZtApPONXCjL2fuenZPTW/RyLHoHTrdzAIaWd61czNIbOPZBQhBQcyExdqH84KutvqkP4lSI1U2082n/RhS/7/vGDkvw5XbnxYbm1PNbWSx0cWvbFvWH7M96e61XSGgUZPBxpxd0= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1708199768; c=relaxed/simple; bh=d5+CejKe/dHH3GHbFW1Ts7jFQWG0ylRqsI48S8KszUE=; h=To:From:Subject:Date:Message-ID:Mime-Version; b=cDBLk70xSlmttjB5LAybDqSJ4COxjOR9sLVSFDSEiw4mBge3d5qcCk3BJfpoZ2M3/ao39kXqqTNWVOJfjyQ1OreLvMabSt3q9DMBA8m88E7Cce1kA5DJ5Sj5DRlvCRkJhPCtb4r82um6AYdP0fzca0PZAk18wTgPZW/PgOVt+Es= ARC-Authentication-Results: i=1; server2.sourceware.org X-Injected-Via-Gmane: http://gmane.org/ To: cygwin AT cygwin DOT com Subject: Re: ssh over stunnel hangs on second connection Date: Sat, 17 Feb 2024 14:55:58 -0500 Message-ID: References: <0100018dae3b46a4-ccc76b81-1814-421b-a81c-d00436297c10-000000 AT email DOT amazonses DOT com> <2orusip0fcft7bvfemu05eb61l43vsnmj8 AT 4ax DOT com> <0100018db4504c0a-a8320068-b704-4458-b4b1-eee8b912bdc7-000000 AT email DOT amazonses DOT com> Mime-Version: 1.0 X-Newsreader: Forte Agent 4.2/32.1118 X-Archive: encrypt X-Spam-Status: No, score=-0.3 required=5.0 tests=BAYES_00, DKIM_ADSP_CUSTOM_MED, FORGED_GMAIL_RCVD, FREEMAIL_FORGED_FROMDOMAIN, FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS, KAM_DMARC_STATUS, NML_ADSP_CUSTOM_MED, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: cygwin AT cygwin DOT com X-Mailman-Version: 2.1.30 List-Id: General Cygwin discussions and problem reports List-Archive: List-Post: List-Help: List-Subscribe: , From: Andrew Schulman via Cygwin Reply-To: Andrew Schulman Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "Cygwin" > > > > But supposing you keep your current configuration. Can you please clarify how > > you're invoking stunnel? Do you have a ProxyCommand directive in your > > .ssh/config, like: > > > > ProxyCommand /usr/bin/stunnel stunnel.conf > > No... I just ssh to 'localhost' on the port that per stunnel.conf is > listening for client connections. > This works fine in Ubuntu and has worked fine for me before on > Win7/Win10. > > I don't use any fixed ProxyCommand to invoke stunnel because the vast > majority of the time I just use straight SSH -- I only use 'stunnel' > when SSH is blocked. OK. So why that worked before and it doesn't work now, I don't know. But what that sounds like to me is that you have only one stunnel process. When you reproduce the problem, how many stunnel processes are running? ps | grep stunnel The advantage of using ProxyCommand in your ssh config is that it starts a separate stunnel process for each connection, which should avoid this problem. If you don't usually need stunnel, you can create one two ssh configurations with different names, one with ProxyCommand and one without, and use whichever one you need. Andrew -- Problem reports: https://cygwin.com/problems.html FAQ: https://cygwin.com/faq/ Documentation: https://cygwin.com/docs.html Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple