Public bug reported: The full IPv4 tunnel don't quit the ssh process when network connectivity fails, thus invalidating the potential benefit of Server/ClientAliveInterval and Server/ClientAliveCountMax.
Here are some config file snippets. -------------------------------------------------------------------------------- # cat /etc/ssh/sshd_config |uncomment GSSAPIAuthentication no ChallengeResponseAuthentication yes PermitRootLogin yes Port 22 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ed25519_key UsePrivilegeSeparation yes KeyRegenerationInterval 3600 ServerKeyBits 1024 SyslogFacility AUTH LogLevel INFO LoginGraceTime 120 StrictModes yes RSAAuthentication yes PubkeyAuthentication yes IgnoreRhosts yes RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes PasswordAuthentication no UseDNS no PermitTunnel yes ClientAliveInterval 20 ClientAliveCountMax 3 Match User sshtun ForceCommand /bin/true # cat /etc/ssh/ssh_config |uncomment Host * SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes GSSAPIDelegateCredentials no ServerAliveInterval 20 ServerAliveCountMax 3 # grep sshtun /etc/passwd sshtun:x:1000:1000:,,,:/home/sshtun:/bin/false # grep sshtun /etc/shadow sshtun:!:17102:0:99999:7::: # grep -A6 tun203 /etc/network/interfaces.d/tunnels.cfg auto tun203 iface tun203 inet manual pre-up /sbin/ifup venet0:0 >/dev/null 2>&1 || true pre-up /sbin/ip tuntap add $IFACE mode tun user sshtun pre-up /sbin/ip link set dev $IFACE up pre-up /sbin/ip address add 100.127.0.2/32 dev lo >/dev/null 2>&1 || true post-up /sbin/ip route add 100.127.0.3 dev $IFACE src 100.127.0.2 >/dev/null 2>&1 || true post-down /sbin/ip link del $IFACE -------------------------------------------------------------------------------- The purpose of this configuration is to establish a full IPv4 tunnel between initiatorserver.example.com and w1.example.com using tun203 iface name on both side. Down below an ssh command that don't show any "client_input_global_request: rtype keepal...@openssh.com want_reply 1" at the end. -------------------------------------------------------------------------------- sudo -u sshtun ssh -N -T -i /home/sshtun/.ssh/id_ed25519 -w 203:203 -o LogLevel=DEBUG3 -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -o ConnectTimeout=10 -o ExitOnForwardFailure=yes -o Tunnel=point-to-point ssh...@w1.example.com debug1: Reading configuration data /home/sshtun/.ssh/config debug1: /home/sshtun/.ssh/config line 1: Applying options for *.example.com debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to w1.example.com [203.0.113.1] port 22. debug2: fd 3 setting O_NONBLOCK debug1: fd 3 clearing O_NONBLOCK debug1: Connection established. debug3: timeout: 10000 ms remain after connect debug1: identity file /home/sshtun/.ssh/id_ed25519 type 4 debug1: key_load_public: No such file or directory debug1: identity file /home/sshtun/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3 debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-ed25519-cert-...@openssh.com,ssh-ed25519 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-ed25519-cert-...@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: server->client aes128-ctr umac-64-...@openssh.com none debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: client->server aes128-ctr umac-64-...@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ED25519 0b:09:31:ea:b1:a8:99:91:3f:d7:5a:1d:a0:71:33:40 debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "203.0.113.1" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug1: Host 'w1.example.com' is known and matches the ED25519 host key. debug1: Found key in /home/sshtun/.ssh/known_hosts:5 debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/sshtun/.ssh/id_ed25519 (0x7f54c4555e00), explicit debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering ED25519 public key: /home/sshtun/.ssh/id_ed25519 debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-ed25519 blen 51 debug2: input_userauth_pk_ok: fp 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug3: sign_and_send_pubkey: ED25519 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug1: Authentication succeeded (publickey). Authenticated to w1.example.com ([203.0.113.1]:22). debug1: Requesting tun unit 203 in mode 1 debug1: sys_tun_open: tun203 mode 1 fd 4 debug2: fd 4 setting O_NONBLOCK debug3: fd 4 is O_NONBLOCK debug1: channel 0: new [tun] debug2: fd 3 setting TCP_NODELAY debug3: packet_set_tos: set IP_TOS 0x10 debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug2: channel 0: open confirm rwindow 2097152 rmax 32768 -------------------------------------------------------------------------------- Please note that the tunnel works and the only thing that lacks is the non-spoofable alive messages system that will quit the process when the ssh vpn partners are unreachable. Here below there's another ssh command, made by the same initiatorserver, that uses only TCP forwarding. In the log below, please find the lines with "client_input_global_request: rtype keepal...@openssh.com want_reply 1" near the end. Those lines show that the alive messages system is working fine, and those lines are what is missing in the previous scenario. -------------------------------------------------------------------------------- sudo -u sshtun ssh -N -T -i /home/sshtun/.ssh/id_ed25519 -L55203:127.0.0.1:55203 -R55302:127.0.0.1:55302 -o LogLevel=DEBUG3 -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -o ConnectTimeout=10 -o ExitOnForwardFailure=yes -o Tunnel=no ssh...@w1.example.com debug1: Reading configuration data /home/sshtun/.ssh/config debug1: /home/sshtun/.ssh/config line 1: Applying options for *.example.com debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to w1.example.com [203.0.113.1] port 22. debug2: fd 3 setting O_NONBLOCK debug1: fd 3 clearing O_NONBLOCK debug1: Connection established. debug3: timeout: 10000 ms remain after connect debug1: identity file /home/sshtun/.ssh/id_ed25519 type 4 debug1: key_load_public: No such file or directory debug1: identity file /home/sshtun/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3 debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-ed25519-cert-...@openssh.com,ssh-ed25519 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-ed25519-cert-...@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: server->client aes128-ctr umac-64-...@openssh.com none debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: client->server aes128-ctr umac-64-...@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ED25519 0b:09:31:ea:b1:a8:99:91:3f:d7:5a:1d:a0:71:33:40 debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "203.0.113.1" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug1: Host 'w1.example.com' is known and matches the ED25519 host key. debug1: Found key in /home/sshtun/.ssh/known_hosts:5 debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/sshtun/.ssh/id_ed25519 (0x7ff7157c1ed0), explicit debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering ED25519 public key: /home/sshtun/.ssh/id_ed25519 debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-ed25519 blen 51 debug2: input_userauth_pk_ok: fp 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug3: sign_and_send_pubkey: ED25519 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug1: Authentication succeeded (publickey). Authenticated to w1.example.com ([203.0.113.1]:22). debug1: Local connections to LOCALHOST:55203 forwarded to remote address 127.0.0.1:55203 debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Local forwarding listening on ::1 port 55203. debug2: fd 4 setting O_NONBLOCK debug3: fd 4 is O_NONBLOCK debug1: channel 0: new [port listener] debug1: Local forwarding listening on 127.0.0.1 port 55203. debug2: fd 5 setting O_NONBLOCK debug3: fd 5 is O_NONBLOCK debug1: channel 1: new [port listener] debug1: Remote connections from LOCALHOST:55302 forwarded to local address 127.0.0.1:55302 debug2: fd 3 setting TCP_NODELAY debug3: packet_set_tos: set IP_TOS 0x10 debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug1: remote forward success for: listen 55302, connect 127.0.0.1:55302 debug1: All remote forwarding requests processed debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 Timeout, server w1.example.com not responding. ** Affects: openssh (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1694395 Title: ServerAlive and ClientAlive not working when using Tunnel=point-to- point Status in openssh package in Ubuntu: New Bug description: The full IPv4 tunnel don't quit the ssh process when network connectivity fails, thus invalidating the potential benefit of Server/ClientAliveInterval and Server/ClientAliveCountMax. Here are some config file snippets. -------------------------------------------------------------------------------- # cat /etc/ssh/sshd_config |uncomment GSSAPIAuthentication no ChallengeResponseAuthentication yes PermitRootLogin yes Port 22 Protocol 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_ed25519_key UsePrivilegeSeparation yes KeyRegenerationInterval 3600 ServerKeyBits 1024 SyslogFacility AUTH LogLevel INFO LoginGraceTime 120 StrictModes yes RSAAuthentication yes PubkeyAuthentication yes IgnoreRhosts yes RhostsRSAAuthentication no HostbasedAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server UsePAM yes PasswordAuthentication no UseDNS no PermitTunnel yes ClientAliveInterval 20 ClientAliveCountMax 3 Match User sshtun ForceCommand /bin/true # cat /etc/ssh/ssh_config |uncomment Host * SendEnv LANG LC_* HashKnownHosts yes GSSAPIAuthentication yes GSSAPIDelegateCredentials no ServerAliveInterval 20 ServerAliveCountMax 3 # grep sshtun /etc/passwd sshtun:x:1000:1000:,,,:/home/sshtun:/bin/false # grep sshtun /etc/shadow sshtun:!:17102:0:99999:7::: # grep -A6 tun203 /etc/network/interfaces.d/tunnels.cfg auto tun203 iface tun203 inet manual pre-up /sbin/ifup venet0:0 >/dev/null 2>&1 || true pre-up /sbin/ip tuntap add $IFACE mode tun user sshtun pre-up /sbin/ip link set dev $IFACE up pre-up /sbin/ip address add 100.127.0.2/32 dev lo >/dev/null 2>&1 || true post-up /sbin/ip route add 100.127.0.3 dev $IFACE src 100.127.0.2 >/dev/null 2>&1 || true post-down /sbin/ip link del $IFACE -------------------------------------------------------------------------------- The purpose of this configuration is to establish a full IPv4 tunnel between initiatorserver.example.com and w1.example.com using tun203 iface name on both side. Down below an ssh command that don't show any "client_input_global_request: rtype keepal...@openssh.com want_reply 1" at the end. -------------------------------------------------------------------------------- sudo -u sshtun ssh -N -T -i /home/sshtun/.ssh/id_ed25519 -w 203:203 -o LogLevel=DEBUG3 -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -o ConnectTimeout=10 -o ExitOnForwardFailure=yes -o Tunnel=point-to-point ssh...@w1.example.com debug1: Reading configuration data /home/sshtun/.ssh/config debug1: /home/sshtun/.ssh/config line 1: Applying options for *.example.com debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to w1.example.com [203.0.113.1] port 22. debug2: fd 3 setting O_NONBLOCK debug1: fd 3 clearing O_NONBLOCK debug1: Connection established. debug3: timeout: 10000 ms remain after connect debug1: identity file /home/sshtun/.ssh/id_ed25519 type 4 debug1: key_load_public: No such file or directory debug1: identity file /home/sshtun/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3 debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-ed25519-cert-...@openssh.com,ssh-ed25519 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-ed25519-cert-...@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: server->client aes128-ctr umac-64-...@openssh.com none debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: client->server aes128-ctr umac-64-...@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ED25519 0b:09:31:ea:b1:a8:99:91:3f:d7:5a:1d:a0:71:33:40 debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "203.0.113.1" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug1: Host 'w1.example.com' is known and matches the ED25519 host key. debug1: Found key in /home/sshtun/.ssh/known_hosts:5 debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/sshtun/.ssh/id_ed25519 (0x7f54c4555e00), explicit debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering ED25519 public key: /home/sshtun/.ssh/id_ed25519 debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-ed25519 blen 51 debug2: input_userauth_pk_ok: fp 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug3: sign_and_send_pubkey: ED25519 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug1: Authentication succeeded (publickey). Authenticated to w1.example.com ([203.0.113.1]:22). debug1: Requesting tun unit 203 in mode 1 debug1: sys_tun_open: tun203 mode 1 fd 4 debug2: fd 4 setting O_NONBLOCK debug3: fd 4 is O_NONBLOCK debug1: channel 0: new [tun] debug2: fd 3 setting TCP_NODELAY debug3: packet_set_tos: set IP_TOS 0x10 debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug2: channel 0: open confirm rwindow 2097152 rmax 32768 -------------------------------------------------------------------------------- Please note that the tunnel works and the only thing that lacks is the non-spoofable alive messages system that will quit the process when the ssh vpn partners are unreachable. Here below there's another ssh command, made by the same initiatorserver, that uses only TCP forwarding. In the log below, please find the lines with "client_input_global_request: rtype keepal...@openssh.com want_reply 1" near the end. Those lines show that the alive messages system is working fine, and those lines are what is missing in the previous scenario. -------------------------------------------------------------------------------- sudo -u sshtun ssh -N -T -i /home/sshtun/.ssh/id_ed25519 -L55203:127.0.0.1:55203 -R55302:127.0.0.1:55302 -o LogLevel=DEBUG3 -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -o ConnectTimeout=10 -o ExitOnForwardFailure=yes -o Tunnel=no ssh...@w1.example.com debug1: Reading configuration data /home/sshtun/.ssh/config debug1: /home/sshtun/.ssh/config line 1: Applying options for *.example.com debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to w1.example.com [203.0.113.1] port 22. debug2: fd 3 setting O_NONBLOCK debug1: fd 3 clearing O_NONBLOCK debug1: Connection established. debug3: timeout: 10000 ms remain after connect debug1: identity file /home/sshtun/.ssh/id_ed25519 type 4 debug1: key_load_public: No such file or directory debug1: identity file /home/sshtun/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Debian-5+deb8u3 debug1: match: OpenSSH_6.7p1 Debian-5+deb8u3 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-ed25519-cert-...@openssh.com,ssh-ed25519 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-ed25519-cert-...@openssh.com,ssh-ed25519,ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384-cert-...@openssh.com,ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com,ssh-dss-cert-...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-...@lysator.liu.se debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-md5-...@openssh.com,hmac-ripemd160-...@openssh.com,hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com,hmac-md5,hmac-ripemd160,hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: none,z...@openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-ed25519 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com,chacha20-poly1...@openssh.com debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: none,z...@openssh.com debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: server->client aes128-ctr umac-64-...@openssh.com none debug2: mac_setup: setup umac-64-...@openssh.com debug1: kex: client->server aes128-ctr umac-64-...@openssh.com none debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: ED25519 0b:09:31:ea:b1:a8:99:91:3f:d7:5a:1d:a0:71:33:40 debug3: load_hostkeys: loading entries for host "w1.example.com" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:5 debug3: load_hostkeys: loaded 1 keys debug3: load_hostkeys: loading entries for host "203.0.113.1" from file "/home/sshtun/.ssh/known_hosts" debug3: load_hostkeys: found key type ED25519 in file /home/sshtun/.ssh/known_hosts:9 debug3: load_hostkeys: loaded 1 keys debug1: Host 'w1.example.com' is known and matches the ED25519 host key. debug1: Found key in /home/sshtun/.ssh/known_hosts:5 debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/sshtun/.ssh/id_ed25519 (0x7ff7157c1ed0), explicit debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering ED25519 public key: /home/sshtun/.ssh/id_ed25519 debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-ed25519 blen 51 debug2: input_userauth_pk_ok: fp 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug3: sign_and_send_pubkey: ED25519 56:8e:42:a8:e0:9f:40:82:94:6f:03:18:54:25:f1:af debug1: Authentication succeeded (publickey). Authenticated to w1.example.com ([203.0.113.1]:22). debug1: Local connections to LOCALHOST:55203 forwarded to remote address 127.0.0.1:55203 debug3: channel_setup_fwd_listener_tcpip: type 2 wildcard 0 addr NULL debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Local forwarding listening on ::1 port 55203. debug2: fd 4 setting O_NONBLOCK debug3: fd 4 is O_NONBLOCK debug1: channel 0: new [port listener] debug1: Local forwarding listening on 127.0.0.1 port 55203. debug2: fd 5 setting O_NONBLOCK debug3: fd 5 is O_NONBLOCK debug1: channel 1: new [port listener] debug1: Remote connections from LOCALHOST:55302 forwarded to local address 127.0.0.1:55302 debug2: fd 3 setting TCP_NODELAY debug3: packet_set_tos: set IP_TOS 0x10 debug1: Requesting no-more-sessi...@openssh.com debug1: Entering interactive session. debug1: remote forward success for: listen 55302, connect 127.0.0.1:55302 debug1: All remote forwarding requests processed debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 debug1: client_input_global_request: rtype keepal...@openssh.com want_reply 1 Timeout, server w1.example.com not responding. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1694395/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp