x/crypto/ssh: Unable to start subsystem without an exec or shell message #35025
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
It does.
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
Wrote a little server which implemented an SSH subsystem and tried to write a client to use that subsystem.
A minimal server: http://play.golang.org/p/HtAmPnyMpDl
A minimal client: http://play.golang.org/p/VqSuWARBHJT
What did you expect to see?
Output from the subsystem
What did you see instead?
That the session hadn't been started.
When starting a subsystem, a channel is opened and a
subsystem
request is sent with the name of the subsystem. According to RFC4254 exactly one ofshell
,exec
, orsubsystem
requests can succeed per channel, though it doesn't say that only one may be sent. Currently, the subsystem request is sent with session.RequestSubsystem, but there is no way to call the non-exported session.start without calling session.Start (which sends anexec
request) or session.Shell (which sends ashell
request). This means that to start subsystem, the server will first receive asubsystem
request and then anexec
orshell
request. Changing session.RequestSubsystem to call session.start (i.e. to parallel session.Shell and session.Start) causes the server to start the subsystem and delivers output to the client.The OpenSSH client only sends a
subsystem
message. The OpenSSH server replies with falseexec
request following asubsystem
request.The text was updated successfully, but these errors were encountered: