Fabrizio Bertocci contacted me and let me know that this seems to be a
known issue.
https://www.mail-archive.com/[email protected]/msg00701.html
https://www.mail-archive.com/[email protected]/msg00980.html
The work I am doing is on an OpenWRT device with 8MB of flash, so local
space is very limited. I had to install the OpenSSL client yesterday,
which took up nearly an additional 2MB of space, but at least it works.
It would be nice to use dbclient instead, but it's idle timer is just
straight-up broken when used with -N -R.
This works as expected with OpenSSL client:
ssh -i $SSH_KEYFILE -o "ServerAliveInterval=15" -o
"ServerAliveCountMax=4" -N -R $SSH_PROXY_PORT:localhost:22
$SSH_USER@$SSH_HOST
On 7/4/14, 3:57, Jesse Molina wrote:
Hello
I am doing this:
ssh -K 3 -I 60 -i keyfile -N -R 2222:localhost:22 user@host
I am intending a dropbear ssh client to set up a reverse proxy
connection to a server, so I am using -N and -R.
I am also using -K and -I so that the connection sends keepalives and
will timeout if the network is disrupted.
My problem is that the above results in the session dying 60 seconds
after setup is finished because the idle timeout is being hit. I am
not sure how -I is metering inbound traffic, but it's apparently not
picking up anything.
Note that I have "ClientAliveInterval 15" set on the sshd_config
server side. I would expect dropbear to count this traffic towards -I.
Without -I above, it took my device 18 minutes to figure out that I
had pulled the network out from under it by shutting down the
interface. That isn't acceptable.
Can dropbear do this, or do I need to use openssh? I get the feeling
after reading what I have read that dropbear is too simple to figure
out when the server has gone away in most situations.
Relevant:
https://www.mail-archive.com/[email protected]/msg00978.html
https://www.mail-archive.com/[email protected]/msg00648.html
https://www.mail-archive.com/[email protected]/msg00402.html
Thanks in advance.
