Anti-idle in OpenSSH client?

Frank Cusack fcusack at fcusack.com
Sat Apr 5 13:36:59 EST 2003


On Fri, Apr 04, 2003 at 07:58:26PM -0600, mandar at webchat.chatsystems.com wrote:
> 
> KeepAlive doesn't do the trick  unfortunately - it merely sets
> SO_KEEPALIVE on the socket

Right, you have to tweak your system's stack to send KAs faster than
the firewall idle timer.  The default KA timer is 2 hours, most firewalls
default session timer is 20m.

>  and is also not configurable.

Not sure if the above addresses that.  (I think it does.)

> It's
> actually meant as a way for ssh to know when the underlying
> network connection to the remote server has gone away, when set.

Right, but it works OK to keep sessions going over stateful firewalls.

The ssh2 clientalive thing is only configurable on the server in openssh.
I'm sure a patch would be welcome.

/fc




More information about the openssh-unix-dev mailing list