{"id":3528,"date":"2022-03-12T23:46:51","date_gmt":"2022-03-12T14:46:51","guid":{"rendered":"http:\/\/matoken.org\/blog\/?p=3528"},"modified":"2022-03-12T23:46:52","modified_gmt":"2022-03-12T14:46:52","slug":"server-connection-failure-with-long-hostname-in-openssh","status":"publish","type":"post","link":"https:\/\/matoken.org\/blog\/2022\/03\/12\/server-connection-failure-with-long-hostname-in-openssh\/","title":{"rendered":"OpenSSH\u3067\u9577\u3044\u30db\u30b9\u30c8\u540d\u306e\u30b5\u30fc\u30d0\u30fc\u63a5\u7d9a\u5931\u6557(too long for Unix domain socket)"},"content":{"rendered":"
\n

\u9577\u3044\u30db\u30b9\u30c8\u540d\u306e\u30b5\u30fc\u30d0\u306b\u63a5\u7d9a\u3057\u3088\u3046\u3068\u3057\u305f\u3089\u8a8d\u8a3c\u6210\u529f\u5f8c\u306b\u6012\u3089\u308c\u307e\u3057\u305f\uff0e\u5b9f\u969b\u306f62\u6587\u5b57\u306e\u9577\u3044\u30db\u30b9\u30c8\u540d\u3067\u3057\u305f\uff0e<\/p>\n<\/div>\n

\n
\n
unix_listener: path \"\/home\/matoken\/.ssh\/tmp\/ssh-${USER}@${\u9577\u3044\u30db\u30b9\u30c8\u540d}:22.r3NYV60KUEAXUuRZ\" too long for Unix domain socket<\/pre>\n<\/div>\n<\/div>\n
<\/p>\n
\nhostname\u304c\u9577\u304f\u3066\uff0c ControlPath \u3067\u8a2d\u5b9a\u3057\u305f\u30d5\u30a1\u30a4\u30eb\u306e\u4f5c\u6210\u6642\u306b\u30d5\u30a1\u30a4\u30eb\u30b7\u30b9\u30c6\u30e0\u306e\u5236\u9650\u3067\u5931\u6557\u3057\u3066\u3044\u308b\u3088\u3046\u3067\u3059\uff0e<\/p>\n<\/div>\n
\n
\u3068\u308a\u3042\u3048\u305a ssh \u306e\u30aa\u30d7\u30b7\u30e7\u30f3\u3067 -o ControlMaster=no<\/code> \u3092\u3064\u3051\u3066\u5b9f\u884c\u3059\u308b\u3068\u7e4b\u304c\u308a\u307e\u3059\uff0e<\/p>\n<\/div>\n
\n
~\/.ssh\/config<\/code> \u306e\u5bfe\u8c61host\u3067 ControlMaster no<\/code> \u3068\u3057\u3066\u307f\u305f\u3051\u3069\u52b9\u304b\u306a\u3044\u3088\u3046\u3067\u540c\u3058\u30a8\u30e9\u30fc\u306b\u306a\u308a\u307e\u3057\u305f\uff0e<\/p>\n<\/div>\n
\n
\n
Host TARGETHOST\n  ControlMaster no\n  ControlPath no<\/pre>\n<\/div>\n<\/div>\n
\n
man 5 ssh_config<\/code> \u3092\u898b\u308b\u3068 ControlPath<\/code> \u306b\u4f7f\u3048\u308b\u5909\u6570\u3067 %C<\/code> \u3092\u6307\u5b9a\u3059\u308b\u3053\u3068\u3067 %l%h%p%r<\/code> \u306e\u30cf\u30c3\u30b7\u30e5\u306b\u306a\u308b\u3088\u3046\u3067\u3059\uff0e<\/p>\n<\/div>\n
\n
\n
     ControlPath\n             Specify the path to the control socket used for connection sharing as described in the ControlMaster section above or the string none to disable connection sharing.  Arguments to ControlPath may use the tilde\n             syntax to refer to a user's home directory, the tokens described in the TOKENS section and environment variables as described in the ENVIRONMENT VARIABLES section.  It is recommended that any ControlPath used\n             for opportunistic connection sharing include at least %h, %p, and %r (or alternatively %C) and be placed in a directory that is not writable by other users.  This ensures that shared connections are uniquely\n             identified.<\/pre>\n<\/div>\n<\/div>\n
\n
\n
TOKENS\n     Arguments to some keywords can make use of tokens, which are expanded at runtime:\n\n           %%    A literal \u2018%\u2019.\n           %C    Hash of %l%h%p%r.\n           %d    Local user's home directory.\n           %f    The fingerprint of the server's host key.\n           %H    The known_hosts hostname or address that is being searched for.\n           %h    The remote hostname.\n           %I    A string describing the reason for a KnownHostsCommand execution: either ADDRESS when looking up a host by address (only when CheckHostIP is enabled), HOSTNAME when searching by hostname, or ORDER when\n                 preparing the host key algorithm preference list to use for the destination host.\n           %i    The local user ID.\n           %K    The base64 encoded host key.\n           %k    The host key alias if specified, otherwise the original remote hostname given on the command line.\n           %L    The local hostname.\n           %l    The local hostname, including the domain name.\n           %n    The original remote hostname, as given on the command line.\n           %p    The remote port.\n           %r    The remote username.\n           %T    The local tun(4) or tap(4) network interface assigned if tunnel forwarding was requested, or \"NONE\" otherwise.\n           %t    The type of the server host key, e.g.  ssh-ed25519.\n           %u    The local username.\n\n     CertificateFile, ControlPath, IdentityAgent, IdentityFile, KnownHostsCommand, LocalForward, Match exec, RemoteCommand, RemoteForward, and UserKnownHostsFile accept the tokens %%, %C, %d, %h, %i, %k, %L, %l, %n, %p,\n     %r, and %u.\n\n     KnownHostsCommand additionally accepts the tokens %f, %H, %I, %K and %t.\n\n     Hostname accepts the tokens %% and %h.\n\n     LocalCommand accepts all tokens.\n\n     ProxyCommand accepts the tokens %%, %h, %n, %p, and %r.<\/pre>\n<\/div>\n<\/div>\n
\n
\u3053\u308c\u3092 ~\/.ssh\/config<\/code> \u306b\u8a2d\u5b9a\u3057\u3066\u307f\u308b\u3068( ControlPath ~\/.ssh\/tmp\/%C<\/code> )\u3053\u3093\u306a\u611f\u3058\u306e a1e724af86ad309c968737a2fb73a3f1c0298e05<\/code> 40\u6587\u5b57\u306e\u30cf\u30c3\u30b7\u30e5\u306e\u30d5\u30a1\u30a4\u30eb\u540d\u306b\u306a\u3063\u3066\u3068\u308a\u3042\u3048\u305a\u89e3\u6c7a\u3057\u307e\u3057\u305f\uff0e\u4eba\u9593\u306b\u306f\u512a\u3057\u304f\u306a\u3044\u3051\u3069\u305d\u3046\u898b\u308b\u3082\u306e\u3067\u306f\u306a\u3044\u306e\u3067\u3044\u3044\u304b\u306a?<\/p>\n<\/div>\n
\n
\u74b0\u5883<\/div>\n
\n
$ dpkg-query -W openssh-client tor\nopenssh-client  1:8.9p1-3\ntor     0.4.6.10-1\n$ lsb_release -dr\nDescription:    Debian GNU\/Linux bookworm\/sid\nRelease:        unstable\n$ arch\nx86_64<\/pre>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
\u9577\u3044\u30db\u30b9\u30c8\u540d\u306e\u30b5\u30fc\u30d0\u306b\u63a5\u7d9a\u3057\u3088\u3046\u3068\u3057\u305f\u3089\u8a8d\u8a3c\u6210\u529f\u5f8c\u306b\u6012\u3089\u308c\u307e\u3057\u305f\uff0e\u5b9f\u969b\u306f62\u6587\u5b57\u306e\u9577\u3044\u30db\u30b9\u30c8\u540d\u3067\u3057\u305f\uff0e unix_listener: path “\/home\/matoken\/.ssh\/tmp\/ssh-${USER}@${ […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"webmentions_disabled_pings":false,"webmentions_disabled":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":4,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"","footnotes":""},"categories":[7,6,199],"tags":[72],"class_list":["post-3528","post","type-post","status-publish","format-standard","hentry","category-debian-linux","category-linux","category-sid","tag-openssh"],"_links":{"self":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts\/3528","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/comments?post=3528"}],"version-history":[{"count":0,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/posts\/3528\/revisions"}],"wp:attachment":[{"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/media?parent=3528"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/categories?post=3528"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/matoken.org\/blog\/wp-json\/wp\/v2\/tags?post=3528"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}