https://bugzilla.mindrot.org/show_bug.cgi?id=3381
--- Comment #4 from Darren Tucker <[email protected]> --- I can't reproduce with the example config supplied and stock 8.8. $ wc -l /tmp/sshd_config; tail -1 /tmp/sshd_config 142 /tmp/sshd_config RekeyLimit 1M 90s with an idle client: $ sudo `pwd`/sshd -f /tmp/sshd_config -ddde -p2022 2>&1 | while read a; do echo $(date '+%H:%M:%S') $a; done | egrep -i 'newkeys|rekey' 22:25:06 debug3: /tmp/sshd_config:142 setting RekeyLimit 1M 90s 22:25:14 debug3: rexec:142 setting RekeyLimit 1M 90s 22:25:14 debug3: rekey after 1048576 bytes, 90 seconds [preauth] 22:25:14 debug2: set_newkeys: mode 1 [preauth] 22:25:14 debug1: rekey out after 131072 blocks [preauth] 22:25:14 debug1: SSH2_MSG_NEWKEYS sent [preauth] 22:25:14 debug1: expecting SSH2_MSG_NEWKEYS [preauth] 22:25:14 debug1: SSH2_MSG_NEWKEYS received [preauth] 22:25:14 debug2: set_newkeys: mode 0 [preauth] 22:25:14 debug1: rekey in after 131072 blocks [preauth] 22:25:14 debug2: set_newkeys: mode 0 22:25:14 debug1: rekey in after 131072 blocks 22:25:14 debug2: set_newkeys: mode 1 22:25:14 debug1: rekey out after 131072 blocks [... ~90s later it triggers a rekey ...] 22:26:43 debug3: ssh_packet_check_rekey: rekex triggered 22:26:43 debug2: set_newkeys: mode 1 22:26:43 debug1: ssh_set_newkeys: rekeying out, input 4532 bytes 237 blocks, output 4472 bytes 319 blocks 22:26:43 debug1: rekey out after 131072 blocks 22:26:43 debug1: SSH2_MSG_NEWKEYS sent 22:26:43 debug1: expecting SSH2_MSG_NEWKEYS 22:26:43 debug1: SSH2_MSG_NEWKEYS received 22:26:43 debug2: set_newkeys: mode 0 22:26:43 debug1: ssh_set_newkeys: rekeying in, input 4544 bytes 238 blocks, output 4472 bytes 0 blocks 22:26:43 debug1: rekey in after 131072 blocks and with a client that dd's 1MB of stuff, we can also see it rekey ~immediately: $ sudo `pwd`/sshd -f /tmp/sshd_config -ddde -p2022 2>&1 | while read a; do echo $(date '+%H:%M:%S') $a; done | egrep -i 'newkeys' 22:40:40 debug2: set_newkeys: mode 1 [preauth] 22:40:40 debug1: SSH2_MSG_NEWKEYS sent [preauth] 22:40:40 debug1: expecting SSH2_MSG_NEWKEYS [preauth] 22:40:40 debug1: SSH2_MSG_NEWKEYS received [preauth] 22:40:40 debug2: set_newkeys: mode 0 [preauth] 22:40:40 debug2: set_newkeys: mode 0 22:40:40 debug2: set_newkeys: mode 1 22:40:40 debug2: set_newkeys: mode 1 22:40:40 debug1: ssh_set_newkeys: rekeying out, input 4392 bytes 216 blocks, output 922664 bytes 115070 blocks 22:40:40 debug1: SSH2_MSG_NEWKEYS sent 22:40:40 debug1: expecting SSH2_MSG_NEWKEYS 22:40:40 debug1: SSH2_MSG_NEWKEYS received 22:40:40 debug2: set_newkeys: mode 0 22:40:40 debug1: ssh_set_newkeys: rekeying in, input 4404 bytes 217 blocks, output 939068 bytes 2050 blocks -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
