Date: Mon, 17 Jun 2002 19:23:26 -0700 From: "Philip J. Koenig" <pjklist@ekahuna.com> To: questions@FreeBSD.ORG Cc: Dan Nelson <dnelson@allantgroup.com> Subject: Re: kicking users Message-ID: <20020618022326603.AAA594@empty1.ekahuna.com@pc02.ekahuna.com> In-Reply-To: <20020618013853.GB6214@dan.emsphone.com> References: <20020618013550.GA6214@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 17 Jun 2002, at 20:38, Dan Nelson boldly uttered: > In the last episode (Jun 17), Dan Nelson said: > > In the last episode (Jun 17), Philip J. Koenig said: > > > I've had trouble killing logins manually that way, although I admit > > > that I've been using a plain 'kill' command, not 'kill -9'. > > > > > > Where I need to do this most often is for SSH users whose sessions > > > time out due to connectivity problems. I kill their processes and > > > shell, but the login still just sits there for a really long time > > > (hours? days? .. in 'who' anyway) before it goes away. > > > > If you kill -9 sshd, it doesn't get a chance to clean up the login > > records. Try just kill -9'ing the user's shell. I dont' kill sshd, just the shell and any other user-owned processes. > > You can also force the connections to time out all by themselves by > > setting net.inet.tcp.always_keepalive=1 in /etc/sysctl.conf. That'll > > force the kernel to send an empty packet after a TCP socket has been > > idle for a couple of hours. If the packet isn't acked, the kernel > > closes the socket. > > Hmm. According to the sshd manpage, it already enables keepalives. > Ignore my sysctl idea, then. Interesting you should mention that though. I have a problem where sessions get killed off, and I think it's because of the stateful firewall on one or both ends of the connection timing out the session when no packets traverse it for 5-10 mins. (this is actually the main reason I end up wanting to kill 'zombie' user sessions) Even with the keepalive feature turned on, the problem remains. Out of 3 ssh clients I've tried, the only one so far that has a working keepalive function that fixes this problem is Putty. (for Windows) Both the Windows client from SSH Corp and the openssh client shipped with FreeBSD 4.3-4.6 won't keep the connection up. (I don't remember if I tried a Linux installation of openssh) Phil -- Philip J. Koenig pjklist@ekahuna.com Electric Kahuna Systems -- Computers & Communications for the New Millenium To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020618022326603.AAA594>