SSH timeouts from remote connections on 7.1beta

Mel fbsd.questions at rachie.is-a-geek.net
Thu Nov 13 13:40:58 PST 2008


On Thursday 13 November 2008 22:29:40 Forrest Aldrich wrote:
> This is a recent phenomenon.
>
> I use a Mac client (iTerm) to connect to all my hosts internally.  Same
> network.  My connections to the FreeBSD-7.1.x system continually timeout
> when idle, and I have to re-connect (thankfully, I use "screen").   It's
> becoming annoying, and though I've set TcpKeepAlive, it still happens.

ServerAliveInterval client side is what you're looking for.
From ssh_config(5):

     ServerAliveCountMax
             Sets the number of server alive messages (see below) which may be
             sent without ssh(1) receiving any messages back from the server.
             If this threshold is reached while server alive messages are
             being sent, ssh will disconnect from the server, terminating the
             session.  It is important to note that the use of server alive
             messages is very different from TCPKeepAlive (below).  The server
             alive messages are sent through the encrypted channel and there-
             fore will not be spoofable.  The TCP keepalive option enabled by
             TCPKeepAlive is spoofable.  The server alive mechanism is valu-
             able when the client or server depend on knowing when a connec-
             tion has become inactive.

             The default value is 3.  If, for example, ServerAliveInterval
             (see below) is set to 15 and ServerAliveCountMax is left at the
             default, if the server becomes unresponsive, ssh will disconnect
             after approximately 45 seconds.  This option applies to protocol
             version 2 only.

     ServerAliveInterval
             Sets a timeout interval in seconds after which if no data has
             been received from the server, ssh(1) will send a message through
             the encrypted channel to request a response from the server.  The
             default is 0, indicating that these messages will not be sent to
             the server.  This option applies to protocol version 2 only.

-- 
Mel

Problem with today's modular software: they start with the modules
    and never get to the software part.


More information about the freebsd-questions mailing list