Is SSH ControlMaster with Cygwin on Windows actually possible?

Question

Has anyone been able to use control master with cygwin on Windows to create multiple sessions without having to log on repeatedly? I need to automate a succession of SSH steps but cannot ask the user to enter the required tokenized password eachtime.

I have configured my cygwin ssh_config with following:

Host *
    ControlMaster auto
    ControlPath /tmp/%r@%h:%p

And I get the following error message on the master when I start a second connection which prompts for the password again:

mm_receive_fd: no message header
process_mux_new_session: failed to receive fd 0 from slave

I've seen others with this problem but I can't seem to find any solution for this.

Has anyone made this work?

Answer 1

Apparently the conclusion after much searching is that currently it is NOT possible. These were the only links I found that dealt with this:

https://stackoverflow.com/questions/17140457/imitating-a-shared-ssh-session-for-scripts-on-windows "...but there is no implementation of OpenSSH for Windows which does this (file descriptors over unix sockets do not work in Cygwin)." and

http://gcc.gnu.org/wiki/SSH_connection_caching "Unfortunately if you are using OpenSSH on Cygwin you will not be able to take advantage of connection caching because Cygwin does not currently support file descriptor passing via unix-domain sockets."

Answer 2

For Cygwin it still seems not possible, but in Windows, it is possible. I have this working in windows using wsl-ssh-pageant and the Windows Ubuntu Bash/WSL).

Under bash install socat. Then run wsl-ssh-pageant as it says, then with the while loop and export. If you have your controlmaster under .ssh setup correctly and the directory for ControlPath is created, is should work.

Answer 3

Bug 1278 - CYGWIN controlMaster connections don't work. describes use of ControlMaster/ControlPersist as partially implemented under Cygwin as of December, 2016, but with a qualification that it works only for remote commands and not for connections that require a pseudo terminal.

While this answer was not confirmed under Cygwin, per se, it was validated as true for MSYS2 (based on Cygwin). openssh under MSYS2 supports ControlMaster/ControlPersist connections for remote commands, but not for interactive sessions.

$ cygcheck -V | head -3
cygcheck (msys) 3.0.7
System Checker for Msys
Copyright (C) 1998 - 2019 Cygwin Authors

$ ssh -V
OpenSSH_8.1p1, OpenSSL 1.1.1d  10 Sep 2019

$ pacman -Qi openssh
Name            : openssh
Version         : 8.1p1-1
Description     : Free version of the SSH connectivity tools
Architecture    : i686
URL             : https://www.openssh.com/portable.html
Licenses        : custom:BSD
Groups          : net-utils
Provides        : None
Depends On      : heimdal  libedit  libcrypt  openssl
Optional Deps   : None
Required By     : sshpass
Optional For    : None
Conflicts With  : None
Replaces        : None
Installed Size  : 4.55 MiB
Packager        : Alexey Pavlov <alexpux@gmail.com>
Build Date      : Mon, Oct 14, 2019 1:12:28 AM
Install Date    : Thu, Oct 24, 2019 8:38:48 PM
Install Reason  : Explicitly installed
Install Script  : No
Validated By    : Signature

The following errors occur when running ssh without a remote command specified:

mm_send_fd: sendmsg(2): Broken pipe
mux_client_request_session: send fds failed

With remote commands specified, the errors do not occur.

Answer 4

No, not Cygwin nor OpenSSH nor Dropbear - but there is one another lightweight ssh multiplexing option on Windows: PuTTY supports "Share SSH connections if possible"

If you need a console version, I would suggest working your way down this list: https://en.wikipedia.org/wiki/Comparison_of_SSH_clients#Platform

SSH Multiplexing lowers the initial connection latency substantially because the initial handshake has already taken place. Technically it should be possible - and useful - to implement full UNIX socket functionality on Cygwin - but doing it properly would somewhat of an undertaking. Some of the functionality is there, but it's unlikely to be secure and it's a hack, see What mechanism is used by MSYS/Cygwin to emulate Unix domain sockets?