Hi Johan We are using dropbear in a similar way to yourself.
You're correct that the -K option should prevent the server and the routers in between from closing the connection. I tried using the -I option in the same way that you did but it didn't work for me. I suspect that the keep-alives sent with the -K actually prevent the link from ever appearing as "idle", although I'm not entirely sure. We decided to use 'autossh' to launch 'dbclient' and monitor the connection by sending its own link test messages. See: http://www.harding.motd.ca/autossh/ That works well for us. However, we still had one issue. If dbclient failed to set up the reverse tcp forward, it wouldn't exit with an error so autossh would never know. So I made the following minor code change (perhaps this could be considered for a future release of dropbear?): --- dropbear-0.52_orig/cli-tcpfwd.c 2008-11-11 14:09:02.000000000 +0000 +++ dropbear-0.52_new/cli-tcpfwd.c 2010-06-30 16:05:17.000000000 +0000 @@ -172,8 +172,16 @@ if (!iter->have_reply) { iter->have_reply = 1; - dropbear_log(LOG_WARNING, "Remote TCP forward request failed (port %d -> %s:%d)", iter->listenport, iter->connectaddr, iter->connectport); - return; + + if (cli_opts.no_cmd) + { + dropbear_exit("Remote TCP forward request failed (port %d -> %s:%d)", iter->listenport, iter->connectaddr, iter->connectport); + } + else + { + dropbear_log(LOG_WARNING, "Remote TCP forward request failed (port %d -> %s:%d)", iter->listenport, iter->connectaddr, iter->connectport); + return; + } } iter = iter->next; } We run dbclient with the -N option, so I tied the above behaviour to that. dbclient will exit if the -N option is set and a remote tcp forward request fails. Subsequently, autossh will restart dbclient again. This does the trick for us. Hope this helps. Best regards, -Dan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Johan Ribenfors Sent: 06 July 2010 14:30 To: [email protected] Subject: Detect dropped connections Hi, We have upwards of 70 embedded pcs running linux, and are trying to use dropbear to set up ssh tunnels to our server. This is so we don't have to worry about dynamic ips, router configuration, mesh networks or any other of the strange setups we've encountered. The command we are using is: dbclient -R <remoteport>:localhost:<localport> -I 60 -K 30 -g -T -N -f -i <key> <user>@<host> If I've got the arguments correct, the -I should cause dbclient to exit if it doesn't recieve any keep alive packets from the server within 60 seconds. The -K should cause dbclient to send a packet every 30 seconds to prevent routers etc from closing the connection. Generally, this seems to work. However, we occasionally get a situation where the server has stopped listening on the relevant port, and dbclient hasn't detected this and exited. Have I missunderstood the arguments, or missed a setting? This is Dropbear client v0.52 Thanks in advance. - Johan
