[ale] SSH Woes
Bob Toxen
transam at verysecurelinux.com
Fri Apr 22 01:46:20 EDT 2005
On Thu, Apr 21, 2005 at 10:43:11AM -0400, Michael B. Trausch wrote:
> Does anyone here know of issues with 2.6.x.x kernels and long-term SSH
> connections?
> I know that if I SSH into my system with 2.6.11.7, the connection seems
> to randomly crap out. If I do so to 2.4.29 or 2.4.30, it doesn't.
> This happens directly on the same subnet, as well as over the Internet
> with nothing between.
It happening on the same subnet rules out braindamaged firewalls.

First, try doing:

     cat /proc/sys/net/ipv4/tcp_keepalive_time

to see what your TCP keepalive time is under each kernel. If it is much
longer under your 2.6 kernel, try adding:

     # Bob: Shorten for SSH through finicky firewalls (default is 7200 secs):
     echo "Set TCP keepalive time to 180 seconds"
     echo 180 > /proc/sys/net/ipv4/tcp_keepalive_time

to your /etc/rc.d/rc.local file and rebooting.

Please let me know if that is the problem.
> Ideas?
> Thanks,
> Mike
> - --
> Michael B. Trausch <fd0man at gmail.com>
> Website: http://fd0man.chadeux.net/ Jabber: mtrausch at jabber.com
> Phone: +1-(678)-522-7934 FAX (US Only): 1-866-806-4647
> ===================================================================
> Do you have PGP or GPG? Key at pgp.mit.edu, Please Encrypt E-Mail!
Best regards,
Bob Toxen, CTO
Fly-By-Day Consulting, Inc.
d/b/a Horizon Network Security
"Your expert in Firewalls, Virus and Spam Filters, VPNs,
Network Monitoring, and Network Security consulting"
http://www.verysecurelinux.com [Network & Linux/Unix Security Consulting]
http://www.realworldlinuxsecurity.com [My 5* book: "Real World Linux Security"]
http://www.verysecurelinux.com/sunset.html [Sunset Computer]
bob at verysecurelinux.com (e-mail)
My recent training and talks on Linux security include:
at IBM's Linux Competency Center in New York City on Mar. 06 2003
at the Atlanta SecureWorld Expo in Atlanta on May 22 2003
at the Enterprise Linux Forum in Silicon Valley on June 04 2003
at Computer Associates' Atlanta Linux Security Summit on Sep. 16 2003
in New Jersey on Oct. 27-30 2003
at Southeast Cybercrime Summit in Atlanta on Mar. 4 2004
at the FBI's Atlanta headquarters on Mar. 10 2004
in Denver, CO on Apr. 15-16 2004
in New Jersey on May. 25-26 2004
at the Atlanta SecureWorld Expo in Atlanta on May 27 2004
in Denver, CO on Jul. 12-13 2004
at Linux World SF signing at Prentice Hall's booth on Aug. 03 2004
in Denver, CO on Sep. 27-28 2004
in Boston, MA on Oct. 11-14 2004
at Atlanta Unix Users Group on Nov. 01 2004
in New Jersey on Nov. 15-16 2004
in Denver, CO on 2/28-3/04 This Year
Author,
"Real World Linux Security: Intrusion Detection, Prevention, and Recovery"
2nd Ed., Prentice Hall, (C) 2003, 848 pages, ISBN: 0130464562
Also available in Japanese, Chinese, Czech, and Polish.
If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- White House cybersecurity adviser Richard Clarke
Public key available at http://www.verysecurelinux.com/pubkey.txt, keyservers,
and on the CD-ROM that comes sealed and attached to Real World Linux Security
pub 1024D/E3A1C540 2000-06-21 Bob Toxen <book at realworldlinuxsecurity.com>
Key fingerprint = 30BA AA0A 31DD B68B 47C9 601E 96D3 533D E3A1 C540
sub 2048g/03FFCCB9 2000-06-21
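
The keepalive check suggested in the reply above, extended into a small audit script. This is an added example, not part of the original message or Bob Toxen's code. It also reads the kernel's companion settings tcp_keepalive_intvl and tcp_keepalive_probes; the function names, the constructed sample directory and the 300-second idle timeout are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. DIR is a parameter so the checks
# can run against a constructed directory; on a live host pass /proc/sys/net/ipv4.

# read_ka DIR NAME: print the integer in DIR/tcp_keepalive_NAME,
# fail if the file is missing or not a plain number.
read_ka() {
    v=$(cat "$1/tcp_keepalive_$2" 2>/dev/null) || return 1
    case $v in ''|*[!0-9]*) return 1 ;; esac
    printf '%s\n' "$v"
}

# dead_peer_secs DIR: idle seconds before the kernel gives up on a silent peer
# (first probe after `time`, then `probes` probes spaced `intvl` apart).
dead_peer_secs() {
    t=$(read_ka "$1" time) && i=$(read_ka "$1" intvl) && p=$(read_ka "$1" probes) || return 1
    echo $(( $t + $i * $p ))
}

# check_idle DIR IDLE: "ok" if the first probe goes out before a device with an
# IDLE-second timeout (an assumed figure) would forget the connection.
check_idle() {
    t=$(read_ka "$1" time) || return 1
    if [ "$t" -lt "$2" ]; then echo ok; else echo too-long; fi
}

# make_sample DIR TIME INTVL PROBES: write constructed sysctl files for a dry run.
make_sample() {
    mkdir -p "$1" || return 1
    echo "$2" > "$1/tcp_keepalive_time"
    echo "$3" > "$1/tcp_keepalive_intvl"
    echo "$4" > "$1/tcp_keepalive_probes"
}

# report DIR IDLE: one-line summary of the three settings' combined effect.
report() {
    printf '%s: time=%ss dead-peer=%ss idle(%ss)=%s\n' "$1" \
        "$(read_ka "$1" time)" "$(dead_peer_secs "$1")" "$2" "$(check_idle "$1" "$2")"
}

# Live use (hypothetical file name): sh keepalive_audit.sh /proc/sys/net/ipv4 300
if [ $# -eq 2 ]; then report "$1" "$2"; fi
```

These settings only affect sockets that enable SO_KEEPALIVE, which sshd does while its TCPKeepAlive option is left at the default of yes.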