upstream: Use the operating system default DSCP marking for
authorjob@openbsd.org <job@openbsd.org>
Tue, 5 Aug 2025 09:08:16 +0000 (09:08 +0000)
committerDamien Miller <djm@mindrot.org>
Wed, 6 Aug 2025 23:45:01 +0000 (09:45 +1000)
non-interactive traffic

It seems the CS1 traffic class mark is considered ambiguous and therefore
somewhat unhelpful (see RFC 8622 for more considerations). But, the new
'LE' scavenger class (also proposed in RFC 8622) offers high probability
of excessive delays & high packet loss, which would be inappropriate
for use with, for example, X11 forwardings. In fact, it is not known to
SSH what's appropriate because SSH is not aware of the content of what is
passing through session forwardings. Therefore, no marking is appropriate.
Non-interactive traffic simply is best effort.

OK djm@ deraadt@

OpenBSD-Commit-ID: db1da1a432ecd53fc28feb84287aedb6bec80b01

readconf.c
servconf.c
ssh_config.5
sshd_config.5

index 02452edbf1d2068dfa9be0ab7cbf487e97eef297..781e5b004068d9800173a0c290da894c51338fd4 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.403 2025/07/31 11:23:39 job Exp $ */
+/* $OpenBSD: readconf.c,v 1.404 2025/08/05 09:08:16 job Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2961,7 +2961,7 @@ fill_default_options(Options * options)
        if (options->ip_qos_interactive == -1)
                options->ip_qos_interactive = IPTOS_DSCP_EF;
        if (options->ip_qos_bulk == -1)
-               options->ip_qos_bulk = IPTOS_DSCP_CS1;
+               options->ip_qos_bulk = IPTOS_DSCP_CS0;
        if (options->request_tty == -1)
                options->request_tty = REQUEST_TTY_AUTO;
        if (options->session_type == -1)
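Review bot: The new default `IPTOS_DSCP_CS0` in fill_default_options() is an explicit DSCP value of zero, while the ssh_config.5 hunk of this same commit documents the default as `none` (the operating system default); whether the two are handled identically when the socket option is applied is not visible here. If `none` means the TOS/traffic-class field is left untouched, a host whose OS default is non-zero would still have its bulk traffic re-marked to CS0, so either the default or the manual wording should change, or a comment such as `/* CS0: best effort; documented as "none" in ssh_config.5 */` should record the intent. The same applies to fill_default_server_options() in the servconf.c hunk and to sshd_config.5. Deployments that classify, shape or monitor bulk SSH transfers by the old CS1 mark will stop matching once this default ships, which deserves a release-note line. The function body starts and ends outside the hunk.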
index 2bd9d11916ad60a7ffc46e0ba040fb2803f88025..92f924e6015cef033f28a951929a7faf47fc2186 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.429 2025/07/31 11:23:39 job Exp $ */
+/* $OpenBSD: servconf.c,v 1.430 2025/08/05 09:08:16 job Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -474,7 +474,7 @@ fill_default_server_options(ServerOptions *options)
        if (options->ip_qos_interactive == -1)
                options->ip_qos_interactive = IPTOS_DSCP_EF;
        if (options->ip_qos_bulk == -1)
-               options->ip_qos_bulk = IPTOS_DSCP_CS1;
+               options->ip_qos_bulk = IPTOS_DSCP_CS0;
        if (options->version_addendum == NULL)
                options->version_addendum = xstrdup("");
        if (options->fwd_opts.streamlocal_bind_mask == (mode_t)-1)
index 390bc44aba8efe2d7a1f67ad0b01f6eb35e9ed62..f1673e0149105bc88cf18419f0939705104f9718 100644 (file)
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.416 2025/07/31 11:23:39 job Exp $
-.Dd $Mdocdate: July 31 2025 $
+.\" $OpenBSD: ssh_config.5,v 1.417 2025/08/05 09:08:16 job Exp $
+.Dd $Mdocdate: August 5 2025 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1279,8 +1279,8 @@ The default is
 .Cm ef
 (Expedited Forwarding)
 for interactive sessions and
-.Cm cs1
-(Lower Effort)
+.Cm none
+(the operating system default)
 for non-interactive sessions.
 .It Cm KbdInteractiveAuthentication
 Specifies whether to use keyboard-interactive authentication.
index ee1b2934138d1b86d91a0bfbfc6e512b8a1b4d01..4536286b750d177f0c84de0e657936062ab2f07a 100644 (file)
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.383 2025/07/31 11:23:39 job Exp $
-.Dd $Mdocdate: July 31 2025 $
+.\" $OpenBSD: sshd_config.5,v 1.384 2025/08/05 09:08:16 job Exp $
+.Dd $Mdocdate: August 5 2025 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -960,8 +960,8 @@ The default is
 .Cm ef
 (Expedited Forwarding)
 for interactive sessions and
-.Cm cs1
-(Lower Effort)
+.Cm none
+(the operating system default)
 for non-interactive sessions.
 .It Cm KbdInteractiveAuthentication
 Specifies whether to allow keyboard-interactive authentication.