Enabling ServerAliveInterval by default
Gert Doering
gert at greenie.muc.de
Mon Dec 17 02:29:22 EST 2007
Hi,
On Sat, Dec 15, 2007 at 10:05:00PM +0200, Nadav Har'El wrote:
> May I ask what is a "sane" NAT timeout? 5 minutes? 30 minutes? 1 hour? 1 day?
This borders very much on a religious war :-)
For me, no kind of NAT can ever be considered "sane".
Nevertheless the same issue applies to stateful firewall filtering, of
course - and in that case, I'd consider a timeout of "reasonably above
the values of TCP keepalive packets" to be "sane".
<religious>
Working around broken NATs instead of fixing the problem is not The Way To
Do Things.
</religious>
Personally, I have situations where I like ServerAliveInterval, and other
situations where it isn't needed, and is actually interfering with the
way I use SSH. So I need to adapt the defaults either way.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the openssh-unix-dev
mailing list