Date: Wed, 19 Jun 2002 00:24:43 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: "Philip J. Koenig" <pjklist@ekahuna.com> Cc: questions@FreeBSD.ORG, Dan Nelson <dnelson@allantgroup.com> Subject: Re: kicking users Message-ID: <20020618212443.GB10528@hades.hell.gr> In-Reply-To: <20020618022326603.AAA594@empty1.ekahuna.com@pc02.ekahuna.com> References: <20020618013550.GA6214@dan.emsphone.com> <20020618022326603.AAA594@empty1.ekahuna.com@pc02.ekahuna.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2002-06-17 19:23 -0700, Philip J. Koenig wrote: > > Hmm. According to the sshd manpage, it already enables > > keepalives. Ignore my sysctl idea, then. > > Interesting you should mention that though. I have a problem where > sessions get killed off, and I think it's because of the stateful > firewall on one or both ends of the connection timing out the > session when no packets traverse it for 5-10 mins. (this is actually > the main reason I end up wanting to kill 'zombie' user sessions) This looks similar to troubles I had with a stateful ipfw firewall that killed my ssh sessions too often for me to ignore it. Try increasing the lifetime of dynamic ipfw rules. I now have in my /etc/sysctl.conf file the following: net.inet.ip.fw.dyn_ack_lifetime=7200 - Giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618212443.GB10528>