From owner-freebsd-questions@FreeBSD.ORG Tue Jul 8 13:42:51 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 79BC937B401 for ; Tue, 8 Jul 2003 13:42:51 -0700 (PDT) Received: from empty1.ekahuna.com (empty1.ekahuna.com [198.144.200.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id C085343FCB for ; Tue, 8 Jul 2003 13:42:48 -0700 (PDT) (envelope-from pjklist@ekahuna.com) Received: from pc-17 (dyn205.ekahuna.com [198.144.200.205]) by empty1.ekahuna.com (Post.Office MTA v3.5.3 release 223 ID# 0-0U10L2S100V35) with ESMTP id com; Tue, 8 Jul 2003 13:42:48 -0700 From: "Philip J. Koenig" Organization: The Electric Kahuna Organization To: Freebsd-questions@freebsd.org Date: Tue, 08 Jul 2003 13:42:47 -0700 MIME-Version: 1.0 Priority: normal In-reply-to: <20030708110837.Q54307@njamn8or.no-ip.org> References: <20030703071803206.AAA1059@empty1.ekahuna.com@dyn205.ekahuna.com> X-mailer: Pegasus Mail for Windows (v4.12a) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Message-ID: <20030708204248437.AAA218@empty1.ekahuna.com@dyn205.ekahuna.com> Subject: Re: ssh keepalives X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: pjklist@ekahuna.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jul 2003 20:42:51 -0000 On 8 Jul 2003 at 11:10, Viktor Lazlo boldly uttered: > On Thu, 3 Jul 2003, Philip J. Koenig wrote: > > > One of those firewalls is quite flexible about protocol state > > timeouts, I can set this on a service-by-service basis. (ie I could > > increase it for SSH and no other service) > > > > Unfortunately the firewall on the other side isn't so accommodating. > > It has a single timeout setting that affects all traffic that > > traverses the firewall, and I'd rather not increase that too high. > > If there is no option then run a low-bandwidth application in the > background to keep the connection alive, or script something to generate > some activity at frequent enough intervals to do so. Well that goes without saying, but the idea was whether the protocol itself contained a "keepalive" function. It's still a pain to have to go through that just so a connection will not die after 5 mins. I would think this is a common enough issue to justify an enhancement request to the open-ssh people. -- Philip J. Koenig pjklist@ekahuna.com Electric Kahuna Systems -- Computers & Communications for the New Millenium