Persistent SSH sessions

Iain Morgan imorgan at nas.nasa.gov
Tue Aug 3 07:11:12 EST 2010 

On Mon, Aug 02, 2010 at 11:33:36 -0500, Mukund Sivaraman wrote:
> Hi all
> 
> I have an ADSL modem which reboots when there is a power cut and the
> inverter (UPS) kicks in.  Internet access is down for a duration of 1
> to 2 minutes while the modem boots.
> 
> I have many SSH tunnels and shells active.  Due to the default
> "TCPKeepAlive On" setting, these sessions are terminated almost
> immediately.

I wouldn't have thought TCPKeepAlive would have been a factor over such
a short timespan. The interval at which the TCP keepalives are sent is,
admittedly, OS-dependent but tends to be fairly long. In my expreience,
it's normally once an hour (or possibly two hours).

It seems more likely that when your modem reboots state information (NAT
table for example) is lost. It may also be that the IP address for your
connection changes.

> 
> I tried the following configuration:
> 
> sshd_config on server:
>   TCPKeepAlive no
>   ClientAliveInterval 90
>   ClientAliveCountMax 6
> 
> ~/.ssh/config:
>   Host *
>     Protocol 2
>     Compression yes
>     TCPKeepAlive no
>     ServerAliveInterval 90
>     ServerAliveCountMax 6

Setting {Client,Server}Alive* is really intended for detecting
unresponsive clients/servers rather than for preserving connections.
However, there are cases where network devices might otherwise timeout
state information for apparently idle connections. In those cases,
enabling these options can be useful since they keep the connection
active.

> 
> But I guess the ssh client doesn't try to re-establish the session for
> the ServerAlive messages to work.  The shells remain blocked after the
> modem reboots, and after approximately 90*6 seconds, ssh aborts
> complaining of timeout with the remote server.


Currently no attempt is made to re-establish a connection once it is
broken. If you search the mailing list you will see references to a
"roaming" feature which would add that functionality, but it has not yet
been committed to a released version of OpenSSH. As it is currently
implemented, user interaction is required to re-establish the session,
but that may change once the initial code has been committed.

> 
> I want to know if there is any way I can get ssh to try to renegotiate
> the active sessions to remote servers, without disconnecting them.

The roaming feature will do that, but both the client and server need to
support it.

-- 
Iain

> 
> Note: Please don't bother suggesting workarounds such as the use of
> screen, autossh, etc.  I am looking for a specific answer about how to
> keep a session alive, or the impossibility of doing that.  For example,
> autossh restarts ssh.  I want existing sessions to continue as if
> nothing happened, as long as net access is not down for longer than
> some timeout.
> 
> FWIW, I'm using OpenSSH_5.4p1, OpenSSL 1.0.0a-fips 1 Jun 2010.
> 
> 		Mukund
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

-- 
Iain Morgan

More information about the openssh-unix-dev mailing list