"ServerAliveInterval" and "ServerAliveCountMax" doesnt work in openssh50?

leanne njleanne at hotmail.com
Thu May 15 12:15:26 EST 2008

Hi OpenSSH team,

We found that openssh5.0 has a bug with the "ServerAliveInterval" and "ServerAliveCountMax" options. 

This function doesnt work at all, which means when the Maxtime reached, the ssh will not kill the connection and prompt the infomation "Connection Timedout" as it used to do.


We built the openssh5.0p1 code on the a Linux box,  and use the following configruation, and reproduced on it.


Following is the experiment i did on my Ubuntu Linux box. 


In Terminal 1:

root at sway-desktop:~# uname -aLinux sway-desktop 2.6.22-14-generic #1 SMP Sun Oct 14 23:05:12 GMT 2007 i686 GNU/Linux

root at sway-desktop:~# cat /ssh_config   Protocol 2   HashKnownHosts yes   ServerAliveInterval 5   ServerAliveCountMax 1      #This tells the ssh to close the connection after 5*1 = 5 seconds  if no data has been received from the server. 


root at sway-desktop:~# ps -ef|grep sshdroot      5415     1  0 14:21 ?        00:00:00 /home/sway/openssh-5.0p1/sshd -p 5555

root at sway-desktop:~# cd /home/sway/openssh-5.0p1root at sway-desktop:/home/sway/openssh-5.0p1# /ssh -F /ssh_config -p 5555root at's password:Last login: Sun May  4 14:22:20 2008 from qianbo-desktop.localroot at sway-desktop:



In termial 2:

root at sway-desktop:~# ps -ef|grep sshd

root      5415     1  0 14:21 ?        00:00:00 /home/sway/openssh-5.0p1/sshd -p 5555

root      5832  5415  0 14:34 ?        00:00:00 sshd: root at pts/0

root at sway-desktop:~# kill -19 5832                     // 19 means SIGSTOP


I waited more than 10 miniutes, the ssh still  hangs there without giving any information about "Connection timeout"...


So i sent a SIGCONT to the sshd server, and the ssh come back alive.

We debugged into the code, found out that everytime the ssh did check the variable "keep_alive_timeouts" with the ServerAliveCountMax value after ServerAliveInterval seconds to see if keep_alive_timeouts > ServerAliveCountMax, if so , ssh will close the connection and give the "connection timeout" information, else it will increment the keep_alive_timeouts by 1. 

After Checking, ssh will jump into the "packet_read_poll_seqnr(u_int32_t *seqnr_p)" function, and there it will reset the keep_alive_timeouts variable to "0" again which actually caused the problem.
Can you check if it is a bug with openssh50's code or not?Thanks very much.
Windows Live Photo gallery 数码相机的超级伴侣,轻松管理和编辑照片,还能制作全景美图!

More information about the openssh-unix-dev mailing list