Re: Is Net::SSH::Expect a thread-safe module?

in reply to Is Net::SSH::Expect a thread-safe module?

How are you using SSH with threads?

In my experience it is never safe to use threads (or forks) with any form of SSH if you plan to create a connection before creating child threads, and then using that connection in multiple children.

The reason is that like any well engineered security product, ssh (RFC 4251) will include protection against replay attacks, via some sort of sequence number. If you start an ssh connection in the parent, and then create child threads, then both parent and child will have copies of the connection object, with a sequence number. If both parent and child (or multiple children) then use their connections to talk to the server, then the ssh demon on the server will see the sequence number go backwards which would normally only happen if a cracker was attempting a replay attack, so the server will close or otherwise reject the connection.

Comment on Re: Is Net::SSH::Expect a thread-safe module?

Replies are listed 'Best First'.
Re^2: Is Net::SSH::Expect a thread-safe module? by salva (Canon) on Jan 26, 2012 at 12:38 UTC
In my experience it is never safe to use threads (or forks) with any form of SSH if you plan to create a connection before creating child threads, and then using that connection in multiple children. Net::OpenSSH supports sharing the connection between different threads or processes.	[reply]
Re^3: Is Net::SSH::Expect a thread-safe module? by ashok.g (Beadle) on Jan 27, 2012 at 11:48 UTC
Wow....! Net::OpenSSH is pretty awesome. I can use threads with this module and able to complete my tasks as well. Thank you very much salva and PerlMonks once again. Thanks, Ashok	[reply]
Re^3: Is Net::SSH::Expect a thread-safe module? by Anonymous Monk on Jan 26, 2012 at 13:23 UTC
it hardcodes /dev/nul	[reply]
Re^4: Is Net::SSH::Expect a thread-safe module? by salva (Canon) on Jan 26, 2012 at 13:27 UTC
So...?	[reply]

In Section Seekers of Perl Wisdom