OK, I see the difference. In my experience with the backup script above, I was forking first, and then opening ssh connections in the child processes.

You are investigating opening ssh connections, and then forking afterwards.

I think you will always find problems with this, however you do it. The problem is that when you fork both the parent and the child retain all open file descriptors including network sockets. For some of those file descriptors it is probably harmless, or even desirable behaviour that both parent and child keep the file descriptor, but in the case of a state-full protocol such as ssh, it will almost certainly lead to problems.

Like any well engineered security product, ssh (RFC 4251) will include protection against replay attacks, most likely via some sort of sequence number. If you start and ssh connection, and then fork then both parent and child will inherit copies of the connection object, with a sequence number. If both parent and child then use their connections to talk to the server, then the ssh demon on the server will see the sequence number go backwards which would normally only happen if a cracker was attempting a replay attack, so the server will close or otherwise reject the connection.

In reply to Re^3: Parallel SSH by chrestomanci
in thread Parallel SSH by solaris7

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.