From owner-freebsd-questions@FreeBSD.ORG  Tue Jul  8 11:11:11 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A87AF37B401
	for <freebsd-questions@freebsd.org>;
	Tue,  8 Jul 2003 11:11:11 -0700 (PDT)
Received: from priv-edtnes53.telusplanet.net (defout.telus.net
	[199.185.220.240])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 1E1AA43FA3
	for <freebsd-questions@freebsd.org>;
	Tue,  8 Jul 2003 11:11:06 -0700 (PDT)
	(envelope-from viktorlazlo@telus.net)
Received: from njamn8or ([64.180.162.182]) by priv-edtnes53.telusplanet.net
          (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP
          id <20030708181105.PGVH345.priv-edtnes53.telusplanet.net@njamn8or>;
          Tue, 8 Jul 2003 12:11:05 -0600
Date: Tue, 8 Jul 2003 11:10:41 -0700 (PDT)
From: Viktor Lazlo <viktorlazlo@telus.net>
X-X-Sender: viktorlazlo@njamn8or.no-ip.org
To: "Philip J. Koenig" <pjklist@ekahuna.com>
In-Reply-To: <20030703071803206.AAA1059@empty1.ekahuna.com@dyn205.ekahuna.com>
Message-ID: <20030708110837.Q54307@njamn8or.no-ip.org>
References: <20030703071803206.AAA1059@empty1.ekahuna.com@dyn205.ekahuna.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
cc: freebsd-questions@freebsd.org
Subject: Re: ssh keepalives
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jul 2003 18:11:11 -0000


On Thu, 3 Jul 2003, Philip J. Koenig wrote:

> One of those firewalls is quite flexible about protocol state
> timeouts, I can set this on a service-by-service basis. (ie I could
> increase it for SSH and no other service)
>
> Unfortunately the firewall on the other side isn't so accommodating.
> It has a single timeout setting that affects all traffic that
> traverses the firewall, and I'd rather not increase that too high.

If there is no option then run a low-bandwidth application in the
background to keep the connection alive, or script something to generate
some activity at frequent enough intervals to do so.

Cheers,

Viktor