[sslh] ssh protocol and server-starting

Yves Rutschle yves at naryves.com
Thu Feb 9 16:25:22 CET 2012


On Thu, Feb 09, 2012 at 02:31:42PM +0000, MJ Ray wrote:
> I asked before upgrading because I thought the principle was so
> fundamental to sslh's operation that it wouldn't have changed but I'm
> glad that it has.

It's historical :-) sslh was inspired by a Perl script
(named sslh...) which worked using a timeout, so that's how
my first versions worked and it was fine for all
OpenSSH-based clients, which are legion.

It wasn't until much later that someone reported problems
with Tunnelier and ConnectBot that I actually looked at the
RFC and realised the triage algorithm was all wrong.

> I only discovered after sending that sslh at rutschle is a mailing list
> (I see that's now mentioned in the README, but it wasn't in 1.6!) so I

The mailing list didn't exist back then (it's almost three
years old...)

> One quirk: it seemed that -n was required to avoid a very slow start.
> I'll try to investigate that more when the server is less busy but it
> could have been a temporary problem.

That typically indicates a problem with your DNS setup: -n
tells sslh to only use raw IP addresses in logs; without it
it will perform reverse DNS requests for all names, which can
sometimes take a very long time, if your DNS is too slow, or
the primary DNS is inaccessible, or something like that.

Y.
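
Added example, not part of the message above and not sslh's own code: a log-address formatter showing why a numeric-only option keeps logging off the resolver path. It assumes the POSIX getnameinfo() call as the lookup API; format_peer, sample_peer and the 192.0.2.10 peer are constructed for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* getnameinfo(), clock_gettime() */
#endif
#include <arpa/inet.h>
#include <netdb.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <time.h>

/* Format a peer for a log line; numeric != 0 means no resolver call at all. */
int format_peer(const struct sockaddr *sa, socklen_t len, int numeric,
                char *out, size_t outlen)
{
    char host[256], serv[32];
    int flags = NI_NUMERICSERV | (numeric ? NI_NUMERICHOST : 0);
    int rc = getnameinfo(sa, len, host, sizeof host, serv, sizeof serv, flags);
    /* A failed reverse lookup (e.g. EAI_AGAIN) must not lose the log line. */
    if (rc != 0 && !numeric)
        rc = getnameinfo(sa, len, host, sizeof host, serv, sizeof serv, flags | NI_NUMERICHOST);
    if (rc != 0) return -1;
    snprintf(out, outlen, sa->sa_family == AF_INET6 ? "[%s]:%s" : "%s:%s", host, serv);
    return 0;
}

/* Constructed sample peer: 192.0.2.10 is a documentation address (RFC 5737). */
struct sockaddr_in sample_peer(void)
{
    struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(22) };
    inet_pton(AF_INET, "192.0.2.10", &sin.sin_addr);
    return sin;
}

int main(void)
{
    struct sockaddr_in sin = sample_peer();
    /* First pass is numeric-only; second pass goes through the resolver. */
    for (int numeric = 1; numeric >= 0; numeric--) {
        char line[300] = "?";
        struct timespec a, b;
        clock_gettime(CLOCK_MONOTONIC, &a);
        format_peer((struct sockaddr *)&sin, sizeof sin, numeric, line, sizeof line);
        clock_gettime(CLOCK_MONOTONIC, &b);
        printf("numeric=%d  %-20s %.1f ms\n", numeric, line,
               (b.tv_sec - a.tv_sec) * 1e3 + (b.tv_nsec - a.tv_nsec) / 1e6);
    }
    return 0;
}
```

On a host with a slow or unreachable resolver, the second line of output shows the delay that each logged connection would otherwise pay.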


