Hi all I have an ADSL modem which reboots when there is a power cut and the inverter (UPS) kicks in. Internet access is down for a duration of 1 to 2 minutes while the modem boots. I have many SSH tunnels and shells active. Due to the default "TCPKeepAlive On" setting, these sessions are terminated almost immediately. I tried the following configuration: sshd_config on server: TCPKeepAlive no ClientAliveInterval 90 ClientAliveCountMax 6 ~/.ssh/config: Host * Protocol 2 Compression yes TCPKeepAlive no ServerAliveInterval 90 ServerAliveCountMax 6 But I guess the ssh client doesn't try to re-establish the session for the ServerAlive messages to work. The shells remain blocked after the modem reboots, and after approximately 90*6 seconds, ssh aborts complaining of timeout with the remote server. I want to know if there is any way I can get ssh to try to renegotiate the active sessions to remote servers, without disconnecting them. Note: Please don't bother suggesting workarounds such as the use of screen, autossh, etc. I am looking for a specific answer about how to keep a session alive, or the impossibility of doing that. For example, autossh restarts ssh. I want existing sessions to continue as if nothing happened, as long as net access is not down for longer than some timeout. FWIW, I'm using OpenSSH_5.4p1, OpenSSL 1.0.0a-fips 1 Jun 2010. Mukund
Mukund Sivaraman wrote:> I have an ADSL modem which reboots..> I tried the following configuration: > > sshd_config on server: > TCPKeepAlive no > ClientAliveInterval 90 > ClientAliveCountMax 6 > > ~/.ssh/config: > Host * > Protocol 2 > Compression yes > TCPKeepAlive no > ServerAliveInterval 90 > ServerAliveCountMax 6..> I want to know if there is any way I can get ssh to try to > renegotiate the active sessions to remote servers, without > disconnecting them...> I am looking for a specific answer about how to keep a session > alive, or the impossibility of doing that.I think you need to completely disable the serveralive and possibly also clientalive stuff. That's the only thing that I've found to work well so far. With those disabled on the other hand, and if running over a VPN, I can go disconnected for forever as long as I don't type anything, and a good while even if I do type something by mistake. //Peter
On Mon, 2 Aug 2010, Mukund Sivaraman wrote:> Hi all > > I have an ADSL modem which reboots when there is a power cut and the > inverter (UPS) kicks in. Internet access is down for a duration of 1 > to 2 minutes while the modem boots. > > I have many SSH tunnels and shells active. Due to the default > "TCPKeepAlive On" setting, these sessions are terminated almost > immediately.This is almost certainly not due to TCP keepalives, which are generally send pretty infrequently and don't kill sessions anyway. It is much more likely that your modem is using NAT and loses its NAT state table on reboot and is unable to associate the outside and inside halves of your connections, gives up and sends a TCP RST to each. If this is the case, then no amount of configuration in ssh/sshd will help you unfortunately. -d
On Mon, Aug 02, 2010 at 11:33:36 -0500, Mukund Sivaraman wrote:> Hi all > > I have an ADSL modem which reboots when there is a power cut and the > inverter (UPS) kicks in. Internet access is down for a duration of 1 > to 2 minutes while the modem boots. > > I have many SSH tunnels and shells active. Due to the default > "TCPKeepAlive On" setting, these sessions are terminated almost > immediately.I wouldn't have thought TCPKeepAlive would have been a factor over such a short timespan. The interval at which the TCP keepalives are sent is, admittedly, OS-dependent but tends to be fairly long. In my expreience, it's normally once an hour (or possibly two hours). It seems more likely that when your modem reboots state information (NAT table for example) is lost. It may also be that the IP address for your connection changes.> > I tried the following configuration: > > sshd_config on server: > TCPKeepAlive no > ClientAliveInterval 90 > ClientAliveCountMax 6 > > ~/.ssh/config: > Host * > Protocol 2 > Compression yes > TCPKeepAlive no > ServerAliveInterval 90 > ServerAliveCountMax 6Setting {Client,Server}Alive* is really intended for detecting unresponsive clients/servers rather than for preserving connections. However, there are cases where network devices might otherwise timeout state information for apparently idle connections. In those cases, enabling these options can be useful since they keep the connection active.> > But I guess the ssh client doesn't try to re-establish the session for > the ServerAlive messages to work. The shells remain blocked after the > modem reboots, and after approximately 90*6 seconds, ssh aborts > complaining of timeout with the remote server.Currently no attempt is made to re-establish a connection once it is broken. If you search the mailing list you will see references to a "roaming" feature which would add that functionality, but it has not yet been committed to a released version of OpenSSH. As it is currently implemented, user interaction is required to re-establish the session, but that may change once the initial code has been committed.> > I want to know if there is any way I can get ssh to try to renegotiate > the active sessions to remote servers, without disconnecting them.The roaming feature will do that, but both the client and server need to support it. -- Iain> > Note: Please don't bother suggesting workarounds such as the use of > screen, autossh, etc. I am looking for a specific answer about how to > keep a session alive, or the impossibility of doing that. For example, > autossh restarts ssh. I want existing sessions to continue as if > nothing happened, as long as net access is not down for longer than > some timeout. > > FWIW, I'm using OpenSSH_5.4p1, OpenSSL 1.0.0a-fips 1 Jun 2010. > > Mukund > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev-- Iain Morgan
On 2 aug 2010, at 22.52, Damien Miller wrote:> If this is the case, then no amount of configuration in ssh/sshd will > help you unfortunately.the new (or perhaps upcoming) roaming code would help, right? jakob
>From the June thread "OpenSSH with "resumable" functionality" ?On Tue, Aug 3, 2010 at 03:53, Jakob Schlyter <jakob at kirei.se> wrote:> On 2 aug 2010, at 22.52, Damien Miller wrote: > > > If this is the case, then no amount of configuration in ssh/sshd will > > help you unfortunately. > > the new (or perhaps upcoming) roaming code would help, right? > > jakob > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >-- Jeremy Nickurak -= Email/XMPP: -= jeremy at nickurak.ca =-
Hi all Thank you for the replies to my question. On Mon, Aug 02, 2010 at 02:11:12PM -0700, Iain Morgan wrote:> Currently no attempt is made to re-establish a connection once it is > broken. If you search the mailing list you will see references to a > "roaming" feature which would add that functionality, but it has not yet > been committed to a released version of OpenSSH. As it is currently > implemented, user interaction is required to re-establish the session, > but that may change once the initial code has been committed. > > > > > I want to know if there is any way I can get ssh to try to renegotiate > > the active sessions to remote servers, without disconnecting them. > > The roaming feature will do that, but both the client and server need to > support it.I found the patch in the list archives. This is what I need, but I will wait till it is released in a portable release. Mukund
On Wed, Aug 4, 2010 at 11:31 AM, Mukund Sivaraman <muks at banu.com> wrote:> Hi all > > Thank you for the replies to my question. > > On Mon, Aug 02, 2010 at 02:11:12PM -0700, Iain Morgan wrote: >> Currently no attempt is made to re-establish a connection once it is >> broken. If you search the mailing list you will see references to a >> "roaming" feature which would add that functionality, but it has not yet >> been committed to a released version of OpenSSH. As it is currently >> implemented, user interaction is required to re-establish the session, >> but that may change once the initial code has been committed. >> >> > >> > I want to know if there is any way I can get ssh to try to renegotiate >> > the active sessions to remote servers, without disconnecting them. >> >> The roaming feature will do that, but both the client and server need to >> support it. > > I found the patch in the list archives. This is what I need, but I will > wait till it is released in a portable release.I use autossh[1]. so after reboot the connection gets reestablished. also if the connection is broken autossh reconnects. [1] http://www.harding.motd.ca/autossh/> > ? ? ? ? ? ? ? ?Mukund > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >-- Asif Iqbal PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?