Hello, I have Suse 9.0 and I use ssh to create tunnels to access several services of the server. My problem is that ssh close the connections if there is no activity in the tunnel. I have the property KeepAlive yes in the sshd_config but I doesnt work. I have ipchains as firewall, perhaps this is my problem but I don´t know, ¿any idea? Thaks -- Emiliano Sutil García
Hi,
I have Suse 9.0 and I use ssh to create tunnels to access several services of the server. My problem is that ssh close the connections if there is no activity in the tunnel. I have the property KeepAlive yes in the sshd_config but I doesnt work.
--> I think you have to enable keek alive in both sshd_config and ssh_config, i.e. for the server AND the client.
I have ipchains as firewall, perhaps this is my problem but I don´t know,
--> I don't think the firewall is your problem since you can establish the connection in the first place. HTH, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
Emiliano Sutil wrote:
Hello,
I have Suse 9.0 and I use ssh to create tunnels to access several services of the server. My problem is that ssh close the connections if there is no activity in the tunnel. I have the property KeepAlive yes in the sshd_config but I doesnt work. I have ipchains as firewall, perhaps this is my problem but I don´t know,
¿any idea?
Thaks
Hi, this may also be due to a router. Do you use some? I, for instance, use a D-Link 624+, which ignores each keep alive setting of ssh and kills the connection after 1000 seconds idle time. Unfortunatly, there is no possibility to increase the router's idle time for ssh connections. In the web, however, you can find work arounds (using special login and logout scripts on the target machine) to enforce dummy traffic before the connection is shut down automatically. Andreas
Hi, On Thu, Apr 29, Emiliano Sutil wrote:
I have Suse 9.0 and I use ssh to create tunnels to access several services of the server. My problem is that ssh close the connections if there is no activity in the tunnel. I have the property KeepAlive yes in the sshd_config but I doesnt work. I have ipchains as firewall, perhaps this is my problem but I don´t know,
you have to set the parameter "ClientAliveInterval" in the sshd_config. "KeepAlive" sends only TCP keepalive messages. If you enable ClientAliveInterval it sends alive message through the tunnel. -- Gruß Dieter -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the From field.
Dieter Bloms wrote:
Hi,
On Thu, Apr 29, Emiliano Sutil wrote:
I have Suse 9.0 and I use ssh to create tunnels to access several services of the server. My problem is that ssh close the connections if there is no activity in the tunnel. I have the property KeepAlive yes in the sshd_config but I doesnt work. I have ipchains as firewall, perhaps this is my problem but I don´t know,
you have to set the parameter "ClientAliveInterval" in the sshd_config. "KeepAlive" sends only TCP keepalive messages. If you enable ClientAliveInterval it sends alive message through the tunnel.
Sorry, I have send all of my replies to personal email instead of the list, (a bit newbie with this list) I re-post the question to the list: I´ll try it but, which time interval is right? I don´t know the limit time to the TCP to close the tunnel -- Emiliano Sutil García ANÁLISIS Y DESARROLLO DE SOFTWARE S.L. Urb. San Roque, 22 24540 Cacabelos (León) España email: emiliano@iranon.com Telf. 902 100 103 Fax. 902 201 801
you have to set the parameter "ClientAliveInterval" in the sshd_config. "KeepAlive" sends only TCP keepalive messages. If you enable ClientAliveInterval it sends alive message through the tunnel.
I´ll try it but, which time interval is right? I don´t know the limit time to the TCP to close the tunnel
I use 60 seconds and I'am happy with it. -- Gruß Dieter -- I do not get viruses because I do not use MS software. If you use Outlook then please do not put my email address in your address-book so that WHEN you get a virus it won't use my address in the From field.
I have Suse 9.0 and I use ssh to create tunnels to access several services of the server.
Another good idea is to use ipsec instead! These tunnels will get reconnected automagically. the bob -- http://www.hs-pongratz.de
* Emiliano Sutil
My problem is that ssh close the connections if there is no activity in the tunnel. I have the property KeepAlive yes in the sshd_config but I doesnt work.
see "Handling network-timeouts" in http://www.jfranken.de/homepages/johannes/vortraege/ssh2_inhalt.en.html#ToC1... for a description of ProtocolKeepAlives, KeepAlive, ClientAliveInterval, ClientAliveCountMax, autossh and various /proc/sys/net/ipv4/ files (to be set in /etc/syssctl.conf). Personally, I'd suggest you to use autossh ( see http://www.harding.motd.ca/autossh/ ), which turns OpenSSH very reliable. I've used it with all my tunnels and screen sessions for years. -- Johannes Franken Professional unix/network development mailto:jfranken@jfranken.de http://www.jfranken.de/
participants (6)
-
Andreas Loebel -
Armin Schoech -
Dieter Bloms -
Emiliano Sutil -
Johannes Franken -
Paranoiac_User