[rescue] MacOS X: First Thoughts

Greg rescue at sunhelp.org
Sat Aug 4 12:05:19 CDT 2001 

> > Let's see... in recent releases OpenSSH has managed to:
> >
> > 	- corrupt my utmp/wtmp files preventing me from being able
> > 	  to login to the machine it was running on.
> > 	- started sending SSHv2 messages to SSHv1 clients causing
> > 	  them to choke and die (fix submitted to the maintainers
> > 	  and accepted; bug exists in 2.9p2)
> > 	- had real bugs found by lint that were only recently fixed
> > 	  (routines that are supposed to return a pointer falling off
> > 	  off the end and returning garbage on error conditions, printf
> > 	  statements with the wrong number of arguments for their format
> > 	  format strings, etc.)
> 
> You know what though, the only thing this means is that OpenSSH wasn't
> ported very well to Solaris....  I am sure one of you Solaris junkies out
> there will have it working great soon.  I will tell you though OpenSSH on
> NetBSD, or Linux, or SCO, or FreeBSD, or OpenBSD works fantastic.

Out of the problems I listed, only the utmp/wtmp corruption bug is specific
to SunOS (and was fixed before 2.9p2).  The rest of the problems are all
completely generic and affect all platforms OpenSSH runs on (they're all
in common code, not platform-specific code).

Oh, and I forgot one of the biggest regression in OpenSSH 2.9 (that affects
_all_ platforms, even the alternative ones):

	- Forwarded ports could not be connected to from other machines,
	  only "localhost"

That was a major pain since I rely on forwarded ports through my firewall
but it affected so many people that a patch was posted pretty darn quickly.

Here are some other recent problems:

And on MacOS X it has problems with the OS' getaddrinfo and can fail to
connect to certain hosts.  Patches were sent to the openssh mailing list
by a MacOS X user.  MacOS X needs "BROKEN_GETADDRINFO" defined to 1.

Apple apparently compiled OpenSSH with the wrong endianness specification
for rijndel and aes128-cbc will not interoperate with other machines.  (this
one is Apple's fault).  Workaround is to build your own, you probably do
anyways.  People report that MacOS X Updates overwrite their own OpenSSH
installation so be careful.

Many Linux users are reporting problems with ssh hanging on exit, no
definitive fix yet AFAICT.
They also report data loss with ssh -n (and also when using ssh
from cron), output is truncated.

Forwarding of IPv4 ports fails when OpenSSH is using IPv6 (on Linux, at
least).

Yes, OpenSSH is _fantastic_!

-greg

More information about the rescue mailing list