ClientAliveInterval ClientAliveCountMax



Greetings;
I put the following in my sshd_config file believing that any session
would time out in 2 minutes if the server could not communicate with
the client.

ClientAliveCountMax 8
ClientAliveInterval 15

However I found that if the server continually attempts to send some data
to the client this does not work. The connection stays up for hours.
I started sshd with the -d -d -d switches to collect some trace. I
looked in the trace for the entry that shows the heartbeat msg being sent
to the client
but it does not appear in the trace:
debug2: channel 0: request keepalive@xxxxxxxxxxx << I never see trace
entry this for this scenario

[ to break the connection I pull the ethernet cable between the network
switch and the SSH Client workstation]
[ to create some continuous traffic to send I execute the command "ping
localhost" ]


Otherwise the ClientAlive mechanism seems to work :
I found that if there is a period of 15 minutes with NO activity and the
client is
connected the trace shows:

debug2: channel 0: request keepalive@xxxxxxxxxxx
debug1: Got 100/13 for keepalive

If the server is not attempting to send data to the client and I pull the
cable between the network switch and the client I get a timeout after 2
minutes
as expected:
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
debug2: channel 0: request keepalive@xxxxxxxxxxx
Disconnecting: Timeout, your session not responding.
debug3: channel 0: close_fds r 9 w 9 e 11
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering

Any suggestions?



OpenSSH level: SSH-2.0-OpenSSH_3.8p1
Distro SuSe SLES 9.3


Thanks, Rick

blasiak@xxxxxxxxxx



Relevant Pages

  • X11 Forwarding problems without an interactive shell
    ... I saw a mention that using -x +x command switches with ssh ... In the successful case I notice there is a request of a shell ... debug2: channel 0: request pty-req confirm 0 ...
    (comp.os.vms)
  • Re: Weird sshd behaviour
    ... Connection to localhost closed. ... debug2: we sent a password packet, ... debug2: channel 0: request pty-req confirm 1 ...
    (comp.security.ssh)
  • Re: Weird sshd behaviour
    ... UseLogin is logical. ... debug2: we sent a password packet, ... debug2: channel 0: request pty-req confirm 1 ...
    (comp.security.ssh)
  • [opensuse] X11 forwarding on 11.4
    ... debug1: Authentication succeeded. ... debug2: channel 0: send open ... debug2: channel 0: request env confirm 0 ...
    (SuSE)
  • Logingrace time and debug mode
    ... following options in debug mode ... I conneted my client and waited over the gracetime, ... debug3: channel 0: will not send data after close ... debug2: channel 0: close_write ...
    (comp.security.ssh)