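Controlling SSH connection time (repost)
Our company just switched to a China Telecom network. Nothing else was changed, but after connecting to the server, the session is dropped automatically if it sits idle for more than about 30s.
I would like to discuss this problem with everyone.
Cause analysis: a packet filter or NAT device timing out your TCP connection due to inactivity
Typically the firewall sees no activity on our TCP connection, treats it as timed out, and tears down the session.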
Many NAT firewalls time out idle sessions after a certain period of time to keep their trunks clean. Sometimes the interval between session drops is 24 hours, but on many commodity firewalls, connections are killed after as little as 300 seconds.
Solution:
#vi /etc/ssh/ssh_config
Add the following two lines:
ServerAliveInterval 300
ServerAliveCountMax 2
However, according to the official FAQ, ServerAliveInterval can only be used with OpenSSH 3.8 and newer.
Or
#vi /etc/ssh/sshd_config
Add the following two lines:
ClientAliveInterval 300
ClientAliveCountMax 2
The official descriptions of these parameters are as follows:
ServerAliveInterval
Sets a timeout interval in seconds after which if no data has
been received from the server, ssh(1) will send a message through
the encrypted channel to request a response from the server. The
default is 0, indicating that these messages will not be sent to
the server. This option applies to protocol version 2 only.
ClientAliveCountMax
Sets the number of client alive messages (see below) which may be
sent without sshd(8) receiving any messages back from the client.
If this threshold is reached while client alive messages are being
sent, sshd will disconnect the client, terminating the session.
It is important to note that the use of client alive messages is
very different from TCPKeepAlive (below). The client alive messages
are sent through the encrypted channel and therefore will not be
spoofable. The TCP keepalive option enabled by TCPKeepAlive is
spoofable. The client alive mechanism is valuable when the client
or server depend on knowing when a connection has become inactive.
The default value is 3. If ClientAliveInterval (see below) is set
to 15, and ClientAliveCountMax is left at the default, unresponsive
SSH clients will be disconnected after approximately 45 seconds.
This option applies to protocol version 2 only.
ClientAliveInterval
Sets a timeout interval in seconds after which if no data has
been received from the client, sshd(8) will send a message
through the encrypted channel to request a response from the
client. The default is 0, indicating that these messages will
not be sent to the client. This option applies to protocol
version 2 only.
A Linux newbie passing by
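The following Python check is an added example, not part of the original post or of OpenSSH. It parses ssh_config or sshd_config text, computes interval × count as in the ClientAliveCountMax description above, and flags a keepalive interval that is not shorter than the idle timeout observed on the network path, since a probe sent after the NAT entry has expired cannot keep the session alive. The function name, the constructed sample texts and the lack of Host/Match scoping are assumptions.

```python
import re

# Keepalive directives per file; OpenSSH matches keywords case-insensitively.
KEYS = {
    "client": {"serveraliveinterval": "interval", "serveralivecountmax": "count"},  # ssh_config
    "server": {"clientaliveinterval": "interval", "clientalivecountmax": "count"},  # sshd_config
}

def check_keepalive(config_text, side, nat_idle_timeout):
    """Lint flat config text (assumption: no Host/Match block scoping).

    nat_idle_timeout is the idle timeout, in seconds, observed on the path.
    """
    known = KEYS[side]
    values = {"interval": 0, "count": 3}      # OpenSSH defaults on both sides
    seen, findings = set(), []
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # A keyword and its argument are separated by whitespace or by one '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        keyword, arg = parts[0].lower(), parts[1].strip()
        if keyword in known:
            if keyword not in seen:           # the first obtained value wins
                seen.add(keyword)
                values[known[keyword]] = int(arg)
        elif "alive" in keyword and keyword != "tcpkeepalive":
            findings.append(f"'{parts[0]}' is not a {side} keepalive option")
    interval, count = values["interval"], values["count"]
    if interval == 0:
        findings.append("keepalive probes disabled (interval 0)")
    elif interval >= nat_idle_timeout:
        findings.append(f"interval {interval}s is not below the {nat_idle_timeout}s idle timeout")
    return {"interval": interval, "count": count,
            "disconnect_after": interval * count, "findings": findings}

# Constructed sample inputs, not taken from a real host.
SAMPLE_SSHD = "# constructed sample\nClientAliveInterval 15\n"
SAMPLE_TYPO = "ClientAliveInterval 300\nServerAliveMaxCount 2\n"

if __name__ == "__main__":
    print(check_keepalive(SAMPLE_SSHD, "server", nat_idle_timeout=30))
    print(check_keepalive(SAMPLE_TYPO, "server", nat_idle_timeout=30))
```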