Why isn't it possible to lower TCP values of running SSH session?

john smith wempwer at gmail.com
Tue Nov 24 11:34:45 AEDT 2015

On Tue, Nov 24, 2015 at 1:05 AM, john smith <wempwer at gmail.com> wrote:
> On Tue, Nov 24, 2015 at 12:57 AM, Damien Miller <djm at mindrot.org> wrote:
>> TCP is the kernel's responsibility. I guess that these values get
>> copied into each TCB from the copy managed via proc at connection
>> start time, but never updated afterwards.
> This had to happen but the question is why is it possible to increase
> a timeout but not to decrease it.

Well I just did an iteresting test. If I set timeout values to 10, 1,
1, connect to remote, change timeout values to 3, 1, 1 and wait for 10
seconds inside SSH session, then unplug a network cable on the remote
it only takes 3 seconds to close an expired session. I also tried to
set timeout values to 60, 1, 1, connect to remote, change timeout
values to 3, 1, 1, wait for 60 seconds, unplug the cable and again it
only took 3 seconds to close a frozen session. I think it has
something to do with the following piece of code inside Linux kernel:


    if (timer_pending(timer) && timer->expires == expires)
        return 1;

    return __mod_timer(timer, expires, false, TIMER_NOT_PINNED);

I think that after changing 7200 to 3 I would also be automatically
disconnected after 3 seconds but only after first 7200 seconds of
active session. However, I would be glad if someone more experienced
could confirm my assumptions (I am sure there are such people here).
<wempwer at gmail.com>

More information about the openssh-unix-dev mailing list