Weird SSH problem - Write failed: Broken pipe

Daniel J. Luke dluke at geeklair.net
Fri Sep 18 08:37:10 PDT 2015 

> On Sep 18, 2015, at 10:21 AM, Dave Horsfall <dave at horsfall.org> wrote:
> Anyone else having SSH "Write failed: Broken pipe" lately, after updating 
> a while back?  

after updating what?

> I keep a window open to my (FreeBSD) mail server all the 
> time (I handle my own email/DNS etc).
> 
> Client is 10.10.5, OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011

so you’re using Apple’s ssh and you’re asking the Macports-users list to help you with it?

> No amount of playing with SSH keepalives etc will fix it; this was working 
> up until about a month ago.
> 
> No amount of "-vvvv" etc will reveal the problem; it craps itself just 
> like that; my various remote "tail -F /var/log/blah" windows, being pretty 
> busy, do not time out thus.

so, clearly there’s something with a state table that is expiring the ‘non-active’ sessions.

You can probably fix it by doing:

Host *
  ServerAliveInterval 300

in your ~/.ssh/config

> No point in running the other end under GDB, as it (Alpine on FreeBSD) is 
> heavily multi-threaded, and what little I can discern does not reveal 
> anything useful anyway.

I would probably hit wireshark / tcpdump first to see what was going on (and probably confirm that there’s some firewall or NAT device that is causing the problem).

> I dimly recall (perhaps here, or perhaps elsewhere) that Apple's SSH (as 
> indicated by the use of "/usr/bin/ssh") is thoroughly busted; not in a 
> crypto sense, but in a "don't use it; use the MacPorts version if you wish 
> to retain your sanity" sense...
> 
> Should I be using a version of SSH/SSL not blessed by Cupertino etc?

I personally like to use a newer openssh than Apple ships, but in this case I don’t think it would fix your problem.
— 
Daniel J. Luke                                                                   
+========================================================+ 
| *---------------- dluke at geeklair.net ----------------* |                          
| *-------------- http://www.geeklair.net -------------* |                          
+========================================================+ 
|   Opinions expressed are mine and do not necessarily   |                          
|          reflect the opinions of my employer.          |                          
+========================================================+

More information about the macports-users mailing list