Established connection timing out
Bob Rasmussen
ras at anzio.com
Tue Feb 27 13:34:47 AEDT 2018
I don't believe you've said: are the disconnects happening during periods
of idleness on the connection, or periods of activity? If idleness, some
device or script could be actively doing a disconnect-on-idle.
On Mon, 26 Feb 2018, Kip Warner wrote:
> Hey list,
>
> I've read the man page for both the client and server daemon, so either
> I missed something or this isn't an SSH issue but something going on
> with perhaps routers or MTUs.
>
> I am having problems with already established connections to a remote
> server timing out after a few minutes. I connect either over ssh or via
> rsync tunnelled over the former.
>
> On the client side eventually I just see a whole pile of messages like
> this, but no rsync traffic appears occurring:
>
> debug1: client_input_channel_req: channel 0 rtype keepalive at ope
> nssh.com reply 1
>
> I've monitored both the client and server via strace and neither
> machine appears to have "died" from some kind of memory exhaustion,
> bandwidth issue, etc. Both appear to simply be waiting for the other to
> do something.
>
> Since my client side rsync is running as root, I tried to modify
> /etc/ssh_config to try and keep the connection alive. This is the
> client side /etc/ssh_config
>
> Host *
>
> ServerAliveInterval 5
> ServerAliveCountMax 20
>
> And this is the server side /etc/sshd_config:
>
> Port 22
> Protocol 2
> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_dsa_key
> HostKey /etc/ssh/ssh_host_ecdsa_key
> UsePrivilegeSeparation yes
>
> KeyRegenerationInterval 3600
> ServerKeyBits 768
>
> SyslogFacility AUTH
> LogLevel INFO
>
> LoginGraceTime 120
> PermitRootLogin yes
> StrictModes yes
>
> RSAAuthentication yes
> PubkeyAuthentication yes
> AuthorizedKeysFile %h/.ssh/authorized_keys
>
> IgnoreRhosts yes
> RhostsRSAAuthentication no
> HostbasedAuthentication no
>
> PermitEmptyPasswords no
>
> ChallengeResponseAuthentication no
>
> X11Forwarding yes
> X11DisplayOffset 10
> PrintMotd no
> PrintLastLog yes
>
> AcceptEnv LANG LC_*
>
> Subsystem sftp /usr/lib/openssh/sftp-server
>
> UsePAM yes
>
> UseDNS no
>
> ClientAliveCountMax 20
> ClientAliveInterval 5
>
> The latter two options I'm assuming are the most important here, but
> they don't seem to do anything.
>
> Any help appreciated.
>
> --
> Kip Warner | Senior Software Engineer
> OpenPGP signed/encrypted mail preferred
> https://www.cartesiantheatre.com
Regards,
....Bob Rasmussen, President, Rasmussen Software, Inc.
personal e-mail: ras at anzio.com
company e-mail: rsi at anzio.com
voice: (US) 503-624-0360 (9:00-6:00 Pacific Time)
fax: (US) 503-624-0760
web: http://www.anzio.com
street address: Rasmussen Software, Inc.
10240 SW Nimbus, Suite L9
Portland, OR 97223 USA
More information about the openssh-unix-dev
mailing list