OpenSSH Problem with disconnects

[Bill Campbell]

On Sun, Mar 11, 2007, Alexander Schlichting wrote:
> 
>
>Hi,
>
> 
>
>I am having a big problem with the OpenSSH Daemon on my server. Whenever I
>am connected to the server and the connection is idle for a few seconds it
>gets disconnected. It's almost impossible to work from remote on the server.

It's been my experience that this has been related to NAT
(Network Address Translation), IP masquerading or possibly other
firewall settings, and may well not be FreeBSD specific.

One of my customers had a problem like this in the last week or so
and tracked it down to settings on their LinkSys BEFVP41 VPN
router which had some firewall setting that caused ssh
connections to drop (it wasn't NAT on this as I've not had this
problem with other BEFVP41s).

We ran all internal traffic through a Caldera OpenLinux 2.3
system, with a 2.4 Linux kernel with ipchains IP masquerading,
and it would drop ssh connections after several minuted of
inactivity (I would often run top on the remote system just to
keep the connection alive when I wasn't doing something that
would create activity).  When we switched our border machine to a
SLES9 machine with a 2.6 Linux kernel and iptables NAT the
problem went away.

There are also ssh_config and sshd_config parameters that relate
to tcp timeouts and keep alive actions.

Bill
--
INTERNET:   bill at Celestial.COM  Bill Campbell; Celestial Software, LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

``I presume you all know who I am.  I am humble Abraham Lincoln.  I have been
solicited by many friends to become a candidate for the legistlature.  My
politics are short and sweet, like the old woman's dance.  I am in favor of
a national bank ... in favor of the internal improvements system, and a
high protective tariff.'' -- Abraham Lincoln, 1832