When I'm ssh'ed into one of our office servers (which run Fedora 10) from home, my session times out after a fairly short period of activity (5 minutes or so). I've tried using TcpKeepAlive on the client side, to no effect.
The thing I don't understand is that if I'm in the office on the company LAN, I can leave a session inactive all day without it timing out, so the behaviour seems to be dependent on my location.
Any ideas why this is happening and how to prevent timeouts when I'm not on the LAN ? I'm using the Terminal client on Mac OSX if that helps.
UPDATE - Dave Drager's suggestion of using the ServerAliveInterval set to non-zero with TcpKeepAlive=no worked for me. Regarding some of the other answers, the ClientAlive... settings aren't accepted by the Mac OSX SSH client.
There is a good writeup on this problem here.
They recommend:
or:
However, I do have an issue at my work site where I get disconnected from sessions, where at home they are fine. I believe my firewall (SonicWall) may be flucking with TCPKeepAlive, maybe because of NAT.
My SSH client, SecureCRT, fortunately has an option for a "NO-OP" protocol, which I believe basically sends a command that doesn't do anything to the server. By manually enabling this I am able to remain connected. Not sure what the MacOSX terminal client has that is similar to that. There is a writeup on how to implement "NO-OP" on command line.
Finally, you may wish to use Wireshark or other sniffer to watch your actual TCP connection to find out what is going on with it. That would be the final way to see why it is still disconnecting occasionally.
This is probably because when your are connecting from home you pass through a firewall that close TCP session after a small amount of time. But TcpKeepAlive should avoid this. Did you enabled TcpKeepAlive on client side or on server side ?
I get this all the time on my Comcast connection. The problem is that your SSH client's keep-alive interval is too long for the timeout configured in your network path. If you're on Linux, you can modify the
ServerAliveIntervalandServerAliveCountervalues to be lower than their defaults. This value is set in seconds. The system-wide config file is found (generally) in/etc/ssh/ssh_config. Setting those two ANDTcpKeepAliveshould help keep your connection going.Like radius says, some state-full firewalls do 'forget' a connection after certain (usually configurable) time and will not allow further communication for the connection; they expect the connection to start with a TCP SYN (i refer to your SSH communication here).
There is another possibility. The network path between your home and office may have losses (of the packet kind). When you try to type on the SSH client, if your link has stalled for a while, the client might give up and fail.
Keepalive configuration on the client will handle the first case here but cannot help in the second case. The firewall would usually be at your office perimeter and therefore might be configurable. That would also help on the first point.
To check if you are having intermittent link losses you could keep a 'ping' active in the background from your client machine.
You can also add the settings suggested by others as defaults in your
~/.ssh/configfile, so you don't have to pass them tosshevery time you initiate a connection:nano ~/.ssh/configand add: