On Fri, Jun 21, 2024 at 11:57:34AM +0200, Ralf Weber wrote:
> This is a common problem with stateful firewalls and why most applications that use long live connection have is an in band keep alive mechanism. E.g for ssh you can put the following in ~/.ssh/config:
>
> ServerAliveInterval 60
> ServerAliveCountMax 60
>
> Which will give you an hour without typing something on your keyboard for an ssh connection.
Wouldn't this actually mean the connection can be down for an hour before
ssh gives up?
ServerAliveInterval is how often keepalive messages are sent through the
encrypted channel. The default is zero so no keepalive messages are sent.
But from the man page:
ServerAliveCountMax
Sets the number of server alive messages (see below) which may be
sent without ssh(1) receiving any messages back from the server.
If this threshold is reached while server alive messages are
being sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server alive
and
The default value is 3. If, for example, ServerAliveInterval
(see below) is set to 15 and ServerAliveCountMax is left at the
default, if the server becomes unresponsive, ssh will disconnect
after approximately 45 seconds.
So, really, if the documentation is to be believed the only setting that
would be needed is ServerAliveInterval since it defaults to zero.
--
Kevin P. Neal
http://www.pobox.com/~kpn/
"I like being on The Daily Show." - Kermit the Frog, Feb 13 2001