Bug#360510: `ssh -X gksu --ssh-fwd` causes packet storm

Mark Hedges hedges at cartoonity.com
Sun Apr 2 19:56:20 UTC 2006 

Package: gksu
Version: 1.2.5-3
Severity: important



>From an etch system, I try to get into this host as follows:

  ssh -X myhost gksu --ssh-fwd <cmd>

Regardless of <cmd> (gnome-terminal, gvim, echo foo, whatever),
this causes a massive amount of network traffic that brings my
local machine to a grinding halt until I ctl-C.

I am able to get into the host fine with ssh -X and run any
other command, such as `gnome-terminal` without gksu, so I
know that's working.

`top` on the machine lists gksu and ssh with light CPU load.

Here is some `iptables` log output.  Notice in this 1 second
how many full-length packets came in.  This is only a small
fraction of packets in that second.



Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=2169 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN=eth2 OUT=
MAC=00:02:2d:ab:48:93:00:09:43:90:f6:54:08:00 SRC=64.5.53.87
DST=10.253.44.226 LEN=116 TOS=0x00 PREC=0x00 TTL=51 ID=17560 DF
PROTO=TCP SPT=22 DPT=35342 WINDOW=32244 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=52 TOS=0x10 PREC=0x00 TTL=64 ID=2170 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=132 TOS=0x10 PREC=0x00 TTL=64 ID=2171 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN=eth2 OUT=
MAC=00:02:2d:ab:48:93:00:09:43:90:f6:54:08:00 SRC=64.5.53.87
DST=10.253.44.226 LEN=100 TOS=0x00 PREC=0x00 TTL=51 ID=17561 DF
PROTO=TCP SPT=22 DPT=35342 WINDOW=32244 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=132 TOS=0x10 PREC=0x00 TTL=64 ID=2172 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN=eth2 OUT=
MAC=00:02:2d:ab:48:93:00:09:43:90:f6:54:08:00 SRC=64.5.53.87
DST=10.253.44.226 LEN=116 TOS=0x00 PREC=0x00 TTL=51 ID=17562 DF
PROTO=TCP SPT=22 DPT=35342 WINDOW=32244 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2173 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2174 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2175 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2176 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2177 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2178 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2179 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2180 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2181 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2182 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2183 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=556 TOS=0x10 PREC=0x00 TTL=64 ID=2184 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2185 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2186 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2187 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2188 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2189 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2190 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2191 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2192 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2193 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2194 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2195 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=556 TOS=0x10 PREC=0x00 TTL=64 ID=2196 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2197 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2198 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2199 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2200 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2201 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2202 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2203 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2204 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2205 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2206 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2207 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=556 TOS=0x10 PREC=0x00 TTL=64 ID=2208 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2209 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2210 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2211 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2212 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2213 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2214 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2215 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2216 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2217 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2218 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=1500 TOS=0x10 PREC=0x00 TTL=64 ID=2219 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN= OUT=eth2 SRC=10.253.44.226
DST=64.5.53.87 LEN=492 TOS=0x10 PREC=0x00 TTL=64 ID=2220 DF PROTO=TCP
SPT=35342 DPT=22 WINDOW=8888 RES=0x00 ACK PSH URGP=0
Apr  2 12:50:45 localhost kernel: IN=eth2 OUT=
MAC=00:02:2d:ab:48:93:00:09:43:90:f6:54:08:00 SRC=64.5.53.87
DST=10.253.44.226 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=17563 DF PROTO=TCP
SPT=22 DPT=35342 WINDOW=32244 RES=0x00 ACK URGP=0
Apr  2 12:50:45 localhost kernel: IN=eth2 OUT=
MAC=00:02:2d:ab:48:93:00:09:43:90:f6:54:08:00 SRC=64.5.53.87
DST=10.253.44.226 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=17564 DF PROTO=TCP
SPT=22 DPT=35342 WINDOW=32244 RES=0x00 ACK URGP=0


-- System Information:
Debian Release: 3.1
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'testing')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.16.1-linode18-bb1
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages gksu depends on:
ii  libatk1.0-0                  1.8.0-4     The ATK accessibility toolkit
ii  libc6                        2.3.6-3     GNU C Library: Shared libraries an
ii  libgksu1.2-0                 1.2.6-2     library providing su and sudo func
ii  libgksuui1.0-0               1.0.4-3     a graphical fronted to su library
ii  libglib2.0-0                 2.6.4-1     The GLib library of C routines
ii  libgtk2.0-0                  2.6.4-3.1   The GTK+ graphical user interface 
ii  libpango1.0-0                1.8.1-1     Layout and rendering of internatio
ii  sudo                         1.6.8p7-1.3 Provide limited super user privile

gksu recommends no packages.

-- no debconf information

More information about the Pkg-gnome-maintainers mailing list