Is OpenSSH sending an email to [email protected] every time I connect?
When I try to connect to my EC2 (Ubuntu 14.04.3) server with ssh -v server
, I see this at the end of the log:
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to <domain>.com ([192.168.1.42]:12345).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected] # <!-!-!-!-!-!- What's this?
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending env LC_CTYPE = en_US.UTF-8
Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.13.0-55-generic x86_64)
This is my .ssh/config
:
Host server
HostName domain.com
User myuser
IdentityFile ~/path/to/EC2Key.pem
Port <portnumber>
Which seems normal. I can see two possible reasons here:
- OpenSSH is trying to make a connection to
openssh.com
as a userno-more-sessions
- but that doesn't make any sense either, why? - OpenSSH is trying to send email to
[email protected]
. This makes even less sense, and both options seem a little creepy.
What's happening here?
No, that's not an email address. The something@domain
syntax is used in many other places, and SSHv2 uses it for naming all "nonstandard" extensions (ciphers, subsystems, and so on).
So this particular request has @openssh.com
because it was invented by OpenSSH, and hasn't been made part of the "main" standard documents.
Its purpose is explained in the OpenSSH 5.1 release notes:
- Added a [email protected] global request extension that is sent from ssh(1) to sshd(8) when the client knows that it will never request another session (i.e. when session multiplexing is disabled). This allows a server to disallow further session requests and terminate the session in cases where the client has been hijacked.