Is OpenSSH sending an email to [email protected] every time I connect?
No, that's not an email address. The something@domain
syntax is used in many other places, and SSHv2 uses it for naming all "nonstandard" extensions (ciphers, subsystems, and so on).
So this particular request has @openssh.com
because it was invented by OpenSSH, and hasn't been made part of the "main" standard documents.
Its purpose is explained in the OpenSSH 5.1 release notes:
- Added a [email protected] global request extension that is sent from ssh(1) to sshd(8) when the client knows that it will never request another session (i.e. when session multiplexing is disabled). This allows a server to disallow further session requests and terminate the session in cases where the client has been hijacked.
Related videos on Youtube
Undo
Stack Overflow moderator. I bite, but only when sufficiently provoked. Everything I post on Stack Overflow is licensed to you under CC0: you can copy, modify, distribute and perform the work, even for commercial purposes, all without asking permission. Feel free to just throw it into your project without attribution. That's what most folks do anyway... but for my contributions, it's nice and legal.
Updated on September 18, 2022Comments
-
Undo over 1 year
When I try to connect to my EC2 (Ubuntu 14.04.3) server with
ssh -v server
, I see this at the end of the log:debug1: read PEM private key done: type RSA debug1: Authentication succeeded (publickey). Authenticated to <domain>.com ([192.168.1.42]:12345). debug1: channel 0: new [client-session] debug1: Requesting [email protected] # <!-!-!-!-!-!- What's this? debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 debug1: Sending env LC_CTYPE = en_US.UTF-8 Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-55-generic x86_64)
This is my
.ssh/config
:Host server HostName domain.com User myuser IdentityFile ~/path/to/EC2Key.pem Port <portnumber>
Which seems normal. I can see two possible reasons here:
- OpenSSH is trying to make a connection to
openssh.com
as a userno-more-sessions
- but that doesn't make any sense either, why? - OpenSSH is trying to send email to
[email protected]
. This makes even less sense, and both options seem a little creepy.
What's happening here?
- OpenSSH is trying to make a connection to
-
Daniel B over 8 yearsIndeed. In this case, it’s something like
<thing>@<namespace>
. Another related method is the reverse domain style (whatever it’s called):<namespace>.<thing>