Is OpenSSH sending an email to [email protected] every time I connect?

When I try to connect to my EC2 (Ubuntu 14.04.3) server with ssh -v server, I see this at the end of the log:

debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to <domain>.com ([192.168.1.42]:12345).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]  # <!-!-!-!-!-!- What's this?
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_CTYPE = en_US.UTF-8
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-55-generic x86_64)

This is my .ssh/config:

Host server
  HostName domain.com
  User myuser
  IdentityFile ~/path/to/EC2Key.pem
  Port <portnumber>

Which seems normal. I can see two possible reasons here:

  1. OpenSSH is trying to make a connection to openssh.com as a user no-more-sessions - but that doesn't make any sense either, why?
  2. OpenSSH is trying to send email to [email protected]. This makes even less sense, and both options seem a little creepy.

What's happening here?


No, that's not an email address. The something@domain syntax is used in many other places, and SSHv2 uses it for naming all "nonstandard" extensions (ciphers, subsystems, and so on).

So this particular request has @openssh.com because it was invented by OpenSSH, and hasn't been made part of the "main" standard documents.

Its purpose is explained in the OpenSSH 5.1 release notes:

  • Added a [email protected] global request extension that is sent from ssh(1) to sshd(8) when the client knows that it will never request another session (i.e. when session multiplexing is disabled). This allows a server to disallow further session requests and terminate the session in cases where the client has been hijacked.