From: Andrey Repin <anrdaemon@yandex.ru>
To: Jim Garrison via Cygwin <jhg@acm.org>, cygwin@cygwin.com
Subject: Re: OpenSSH 8.9p1-1 Connects successfully but then hangs - Killing ssh-agent resolves the issue
Date: Mon, 4 Apr 2022 10:25:06 +0300 [thread overview]
Message-ID: <1478129170.20220404102506@yandex.ru> (raw)
In-Reply-To: <3ed89752-9676-a668-f63c-1a9b7662d7b5@jhmg.net>
Greetings, Jim Garrison via Cygwin!
Replying to the first post to reduce quoting, but I did read the entire thread.
> My Cygwin ssh client stopped working... It would successfully connect to
> the remote (Debian) host but then hang without displaying the command
> prompt. See debug output attached, as well as cygcheck output.
> I decided to run setup to see if there was a newer version of openssh.
> In preparation for that I always terminate all Cygwin processes because
> they will interfere with the update. I killed the ssh-agent process and
> on a whim decided to try connecting again. This time it worked.
> This would seem to indicate something in ssh-agent is interfering with
> the connection. There are no credentials loaded into ssh-agent.
I've encountered similar issue with ssh-pageant myself.
The explanation (as I see it) is this:
At certain point in its lifetime, the agent gets stuck <somewhere> and cease
to respond to the requests.
SSH attempting to contact the hung agent, the connection thread responds but
internal storage is somehow locked and never return any usable info on which
the client could meaningfully act. Since neither agent, nor SSH have any
guarding code against slow responses in this place, entire system hangs
indefinitely.
This is how the problem is observed. The following is a pure guesswork (with a
workaround).
I'm only exclusively observing this issue on my notebook. My guess is when it
awakes from hibernation, some internal state is not managed well. The delay in
agent response gets increasingly larger until it reaches the point of
intolerability. I've made a workaround like the following:
_check_agent() {
test -f "$HOME/.ssh/agent" && . "$HOME/.ssh/agent" > /dev/null
ssh-add -l > /dev/null 2>&1 &
sleep 1
if kill -0 $! 2> /dev/null; then
echo "$( basename "$0" ): ssh-add: the agent is hung, unable to continue" >&2
exit 1
fi
if ! wait $!; then
echo "$( basename "$0" ): ssh-add: no identities or unable to contact the agent" >&2
exit 2
fi
}
What it does is:
1. Run a command to list available keys, detached.
2. Wait a second to let the command complete, if all goes well.
3. Test if a listing command is still around. If it does, assume hung agent
and report an error.
4. Also report an error if no keys are registered with agent or agent is dead.
--
With best regards,
Andrey Repin
Monday, April 4, 2022 9:16:49
Sorry for my terrible english...
prev parent reply other threads:[~2022-04-04 7:35 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-31 20:31 Jim Garrison
2022-04-01 9:21 ` Henry S. Thompson
2022-04-01 20:17 ` Jim Garrison
2022-04-03 11:47 ` [cygwin] " Jason Pyeron
2022-04-03 16:50 ` Henry S. Thompson
2022-04-03 17:15 ` Jim Garrison
2022-04-04 7:25 ` Andrey Repin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1478129170.20220404102506@yandex.ru \
--to=anrdaemon@yandex.ru \
--cc=cygwin@cygwin.com \
--cc=jhg@acm.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).