ssh configuration to avoid connection timeouts / broken pipes ?

pauligrinder · 2011-04-24 00:03:22

I'm running irssi through screen on my server via ssh. Recently, my parents' internet connection has become very dodgy, and because of this, my terminal freezes altogether once every 15 minutes or so, and resumes with some "broken pipe" message after a very long time (around 10 minutes). I usualy just kill the terminal when I notice the freezing and open a new one with another ssh connection, but this seems to be getting more and more frequent, so it's very annoying. I was wondering if there is a way to get around this? Server configuration, client configuration, a different ssh client ... ?

By googling, I found that disabling "TCPKeepAlive" might do the trick, and so I did. It seemed to work at first, my connection was up for about half an hour, but then the same thing occured again

The sadest part of this is that by using puTTY on my phone over 3G, the connection stays up forever, but with the wired broadband, it won't stay up for more than 15 minutes

EDIT: This time I got this message: "Timeout, server <myaddress> not responding", after 29 minutes.

Last edited by pauligrinder (2011-04-24 00:50:30)

firecat53 · 2011-04-24 01:27:38

I'm not sure if this addresses your exact issue (I've had it setup for a loong time now ), but here's the section of my server's /etc/ssh/sshd_config that I think might help:

TCPKeepAlive yes
ClientAliveInterval 30
ClientAliveCountMax 3

Scott

rwd · 2011-04-24 08:25:09

I read somewhere TCPKeepAlive better be disabled because it can be abused for TCP Spoofing and works as a DOS attack. I'm not sure if this matters for a home server situation though.

Last edited by rwd (2011-04-24 08:54:42)

brebs · 2011-04-24 09:05:40

Dunno whether this blog post helps.

pauligrinder · 2011-04-24 12:51:09

... So the KeepAlive should be on to keep the connection up? Sounds obvious, but I read somewhere else that it works the opposite way... Well, I never put that in my servers sshd_config anyway, only on the ssh_config on the client side, so let's see if that makes a difference... (I copypasted firefcat53's configs into both)

EDIT: nope, didn't work. after being connected for 12 minutes, I found my terminal frozen again Maybe I should try a different terminal, might be something wrong with Sakura?

EDIT2: again, no difference. tried using xfce's terminal instead of Sakura and still same thing. I seriously need to do something about this connection, it's getting really frustrating.

Last edited by pauligrinder (2011-04-24 13:50:52)

Leonid.I · 2011-04-24 18:33:28

Try this in ~/.ssh/config

ServerAliveInterval 15

see "man ssh_config" for details.

pauligrinder · 2011-04-25 00:24:23

Leonid.I wrote:

Try this in ~/.ssh/config
ServerAliveInterval 15
see "man ssh_config" for details.

Yes, tried this too, doesn't seem to help. reading the man page, I noticed that TCPKeepAlive should be of rather than on, to make the client NOT detect network failures etc. But my ssh connection is still timeouting every 10 to 25 minutes

rwd · 2011-04-25 06:58:01

I have these values, and never experience timeouts. But then I mostly connect on a reliable lan connection:

client: in ~/.ssh/config

Host *
# prevent connection from hanging   
    ServerAliveInterval 15
# set connection sharing
    ControlMaster auto
    ControlPath ~/.ssh/master-%r@%h:%p

server: in /etc/ssh/ssd_config:

    TCPKeepAlive no
    ClientAliveInterval 600
    ClientAliveCountMax 3
    (...)

Because I reuse connections I do not run against maximum session limits (set with MaxStartups in sshd_config).

I also disabled pam and all other authentication methods in sshd_config except public key authentication. PAM has some inactivity timeout as well. Then there is the timeout in the bash shell ('TMOUT=<seconds>' in /etc/profile.bash) that is disabled by default I think.

pauligrinder · 2011-04-25 14:10:36

yep, this connection used to be reliable too, but now I get timeouts all the time, and also if I connect the Deluge-GTK to a daemon running on my server, it will randomly freeze and I have to reconnect to get it to work again. Luckily I'm getting out of here tomorrow
Still, it would be nice to solve this problem, because I will be coming here every once in a while... I would call the ISP and complain (I don't think the problem can be with our routers, because ssh connections inside the LAN work just fine), but because it's easter, their customer support is closed Besides, I don't know how to explain the problem to them, because most likely they won't even know what ssh is...

I tried rwd's configs, and they didn't help either. The only difference is that it seems to timeout faster now, instead of freezing the whole terminal for a long time...

Last edited by pauligrinder (2011-04-25 14:13:11)

Arch Linux

#1 2011-04-24 00:03:22

ssh configuration to avoid connection timeouts / broken pipes ?

#2 2011-04-24 01:27:38

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#3 2011-04-24 08:25:09

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#4 2011-04-24 09:05:40

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#5 2011-04-24 12:51:09

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#6 2011-04-24 18:33:28

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#7 2011-04-25 00:24:23

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#8 2011-04-25 06:58:01

Re: ssh configuration to avoid connection timeouts / broken pipes ?

#9 2011-04-25 14:10:36

Re: ssh configuration to avoid connection timeouts / broken pipes ?

Board footer