Re: Question re session hijacking in dual stack environments w/MacOS

[voytek <voytek () trustdarkness com>]

On Fri, 2 Oct 2015 06:58:43 -0500
Doug McIntyre <merlyn () geeks org> wrote:

> On Fri, Oct 02, 2015 at 03:46:40AM -0400, Valdis.Kletnieks () vt edu
> wrote:
> > On Fri, 02 Oct 2015 00:46:47 -0500, Doug McIntyre said:
> >
> > > I suspect this is OSX implementing IPv6 Privacy Extensions. Where
> > > OSX generates a new random IPv6 address, applies it to the
> > > interface, and then drops the old IPv6 addresses as they stale
> > > out. Sessions in use or not.
> >
> > Isn't the OS supposed to wait for the last user of the old address
> > to close their socket before dropping it?
>
> In my experience, no, it doesn't. Ie. the main reason I disable it is
> because my ssh sessions hung after some period of time, so ssh had
> sockets open, but yet the IPv6 addresses kept rotating out.
> Disabling it definately made the ssh sessions stable on OSX.
>
> Apple codes to the masses. Average web browser user or mail client
> won't care, that is all they test against. Not people that leave ssh
> sessions open for days to weeks at a time.

Since no one else has mentioned it yet, mosh is another solution to
this for ssh:
https://mosh.mit.edu/

>