I'm having trouble with my SSH connection from my Mac OS X laptop (behind a firewall, ports 22,23,6000-6010 open) to a remote machine running Fedora. My ssh connection is timing out after several minutes of inactivity which makes it difficult to get anything done. I've even tried starting xclock on the remote machine and it starts and runs but doesn't force the connection to stay open. When I log in to the remote machine from my local Fedora box (no firewall) the connection stays open for days. I've seen info on this before and one of the things mentioned is the TCPKeepAlive direcive. In my .ssh/config file I have TCPKeepAlive yes. This doesn't seem to help though. Could it be there are other ports I need to open? Anyone know what's going wrong here?
Msg#: 3078346 posted 9:30 am on Sep 11, 2006 (gmt 0)
I have had this problem before. You need to make some changes in sshd_config, which is probably in your /etc/ssh directory. I first tried the KeepAlive, but this is a TCP type keep alive check which only keeps the connection between the firewall and server going. The connection with the client may die without notice.
Therefore after some testing I added the following to my sshd_config:
ClientAliveInterval 15 ClientAliveCountMax 5
The ClientAlive messages are sent over the encrypted channel between the endpoints of the connection, i.e. de server and the client. They will pass through the firewall. This will keep your connection running, even if it is idle for a long time.
Yes, I mentioned the remote machine. The sshd process should send out periodical queries to the client to see if it is still alive. I have looked in the SSH manual and couldn't find an equivalent setting on the client side.