Fabrizio Bertocci <fabriziobertocci <at> gmail.com> writes: > > > Hi All, > Here is an interesting (but inconvenient) problem I've found with dbclient when connected to an OpenSSH server that uses the keepalive (ClientAliveInterval & ClientAliveCountMax). > > > I have a OpenSSH server that sends keepalive messages to the client every 10 seconds and consider the client disconnected after 2 failed attempts. > > On my client I use dbclient (latest version 0.52) to start a connection (using a private key with no password) to setup some tunnels (local & remote). > So far so good. When I launch the dbclient from a shell everything is fine, this is what I see on the server log every 10 seconds: > > > debug2: channel 1: request keepalive <at> openssh.com confirm 1 > debug1: Got 100/10 for keepalive > debug2: channel 1: request keepalive <at> openssh.com confirm 1 > debug1: Got 100/11 for keepalive > ... > > > and the server keep maintaining the connection with the client. > > Unfortunately, when I invoke my bourne shell script (that I use as wrapper for launching dbclient) from the init script (/etc/init.d/myWrapper.sh), everything SEEMS to work fine, but when the server sends keep alive messages, the dbclient doesn't seem to respond correctly. > This is what I see from the server's log: > > > debug2: channel 1: request keepalive <at> openssh.com confirm 1 > debug2: channel 1: almost dead > debug2: channel 1: gc: notify user > debug1: session_by_channel: session 0 channel 1 > debug1: session_close_by_channel: channel 1 child 18881 > debug1: session_close_by_channel: channel 1: has child > ... > Disconnecting: Timeout, your session not responding. > debug1: do_cleanup > debug1: do_cleanup > > > Does anybody have an idea why ? > It has something to do with I/O probably or some settings that are available when I launch my script (or the dbclient) from an interactive session but is missing when is invoked from the init script... > > Regards, > fabrizio > >
So reading the OpenSSH source code... it implements "client alive" by sending an "SSH_MSG_GLOBAL_REQUEST" (type: 80) message. dbclient doesn't implement that message and so returns an "SSH_MSG_UNIMPLEMENTED" (type: 3) message. But the OpenSSH server expects either an "SSH_MSG_REQUEST_SUCCESS" (type: 81) or "SSH_MSG_REQUEST_FAILURE" (type: 82) response. But I don't know why it works when launching dbclient from the shell. You'd think it would just always kick dbclient. Regards, Ahilan
