Could it be the SSH server itself that is timing out the session? If I remember correctly, sshd does have client timeout settings.
- Mike On Thu, Feb 9, 2017 at 10:34 PM, Mark van den Boogaard < mark.vanden.booga...@davantigroup.com> wrote: > Hi, > > I did some tests. After half an hour of inactivity the session is not > responding anymore. I did a ping on the same time but didn't had any packet > loss. > We are using Guacamole 0.9.10 with MySQL (MariaDB) backend and LDAP > authentication (to Active Directory) on CentOS 7.3.1611. > We are using Apache as proxy > > [root <root@dvguac02> ~]# mysql --version > mysql Ver 15.1 Distrib 10.1.21-MariaDB, for Linux (x86_64) using readline > 5.1 > > [root <root@dvguac02> ~]# cat /etc/redhat-release > CentOS Linux release 7.3.1611 (Core) > > [root <root@dvguac02> ~]# cat /etc/httpd/conf.d/guacamole.conf > ProxyPass / http://localhost:8080/guacamole/ flushpackets=on > ProxyPassReverse / http://localhost:8080/guacamole/ > ProxyPassReverseCookiePath /guacamole/ / > > <Location /websocket-tunnel> > Order allow,deny > Allow from all > ProxyPass ws://localhost:8080/guacamole/websocket-tunnel > ProxyPassReverse ws://localhost:8080/guacamole/websocket-tunnel > </Location> > > /var/log/messages: > Feb 10 06:49:45 <hostname> guacd[33566]: Creating new client for protocol > "ssh" > Feb 10 06:49:45 <hostname> guacd[33566]: Connection ID is > "$98447e17-d5ae-4b65-879d-b766e7888a78" > Feb 10 06:49:45 <hostname> guacd[10483]: User > "@1460e686-4dc3-401d-8ba9-0686d98bc348" > joined connection "$98447e17-d5ae-4b65-879d-b766e7888a78" (1 users now > present) > Feb 10 06:49:45 <hostname> server: 06:49:45.156 [http-bio-8080-exec-1089] > INFO o.a.g.tunnel.TunnelRequestService - User "boogaardvandenm" > connected to connection "157". > Feb 10 06:49:45 <hostname> guacd[10483]: SSH connection successful. > Feb 10 06:50:01 <hostname> systemd: Created slice user-0.slice. > Feb 10 06:50:01 <hostname> systemd: Starting user-0.slice. > Feb 10 06:50:01 <hostname> systemd: Started Session 3100 of user root. > Feb 10 06:50:01 <hostname> systemd: Starting Session 3100 of user root. > Feb 10 06:50:01 <hostname> systemd: Removed slice user-0.slice. > Feb 10 06:50:01 <hostname> systemd: Stopping user-0.slice. > Feb 10 06:57:18 <hostname> systemd: Starting Cleanup of Temporary > Directories... > Feb 10 06:57:18 <hostname> systemd: Started Cleanup of Temporary > Directories. > Feb 10 07:00:01 <hostname> systemd: Created slice user-0.slice. > Feb 10 07:00:01 <hostname> systemd: Starting user-0.slice. > Feb 10 07:00:01 <hostname> systemd: Started Session 3101 of user root. > Feb 10 07:00:01 <hostname> systemd: Starting Session 3101 of user root. > Feb 10 07:00:01 <hostname> systemd: Removed slice user-0.slice. > Feb 10 07:00:01 <hostname> systemd: Stopping user-0.slice. > Feb 10 07:01:01 <hostname> systemd: Created slice user-0.slice. > Feb 10 07:01:01 <hostname> systemd: Starting user-0.slice. > Feb 10 07:01:01 <hostname> systemd: Started Session 3102 of user root. > Feb 10 07:01:01 <hostname> systemd: Starting Session 3102 of user root. > Feb 10 07:01:01 <hostname> systemd: Removed slice user-0.slice. > Feb 10 07:01:01 <hostname> systemd: Stopping user-0.slice. > Feb 10 07:10:01 <hostname> systemd: Created slice user-0.slice. > Feb 10 07:10:01 <hostname> systemd: Starting user-0.slice. > Feb 10 07:10:01 <hostname> systemd: Started Session 3103 of user root. > Feb 10 07:10:01 <hostname> systemd: Starting Session 3103 of user root. > Feb 10 07:10:01 <hostname> systemd: Removed slice user-0.slice. > Feb 10 07:10:01 <hostname> systemd: Stopping user-0.slice. > Feb 10 07:20:01 <hostname> systemd: Created slice user-0.slice. > Feb 10 07:20:01 <hostname> systemd: Starting user-0.slice. > Feb 10 07:20:01 <hostname> systemd: Started Session 3104 of user root. > Feb 10 07:20:01 <hostname> systemd: Starting Session 3104 of user root. > Feb 10 07:20:01 <hostname> systemd: Removed slice user-0.slice. > Feb 10 07:20:01 <hostname> systemd: Stopping user-0.slice. > > > Ping statistics: > --- 172.x.y.z ping statistics --- > 1853 packets transmitted, 1851 received, 0% packet loss, time 1854742ms > rtt min/avg/max/mdev = 19.376/20.550/37.963/2.018 ms > > > If anybody has an idea or if I have to create a bug, please let me know. > > -- > > Met vriendelijke groet / with kind regards, > > *Mark van den Boogaard* > Linux specialist > > > > Mob: +31 6 82241436 <+31%206%2082241436> > E-Mail: mark.van.den.booga...@davantigroup.com > Web: www.davantigroup.com > > *Davanti Warehousing B.V.* > Hogeweg 35E, Postbus 2601, 5300 CB Zaltbommel > > -----Original Message----- > *From*: Mark van den Boogaard <mark.vanden.booga...@davantigroup.com > <mark%20van%20den%20boogaard%20%3cmark.vanden.booga...@davantigroup.com%3e> > > > Reply-to: <user@guacamole.incubator.apache.org> > *To*: user@guacamole.incubator.apache.org <user@guacamole.incubator. > apache.org > <%22u...@guacamole.incubator.apache.org%22%20%3cu...@guacamole.incubator.apache.org%3e> > > > *Subject*: Re: Timeout SSH session > *Date*: Mon, 6 Feb 2017 13:03:31 +0000 > > Hi, > > This will make a bit more clear to me. At the moment it is just happening > randomly ( I couldn't find out any pattern yet except the inactivity). > I will try to figure out when it happens so we can maybe reproduce it. I > will also try to figure out if it can happen because of underlaying network > issues. If I have some more info (or not if there is none...) , I will come > back. > > -- > > Met vriendelijke groet / with kind regards, > > *Mark van den Boogaard* > Linux specialist > > > > Mob: +31 6 82241436 <+31%206%2082241436> > E-Mail: mark.van.den.booga...@davantigroup.com > Web: www.davantigroup.com > > *Davanti Warehousing B.V.* > Hogeweg 35E, Postbus 2601, 5300 CB Zaltbommel > > -----Original Message----- > *From*: Mike Jumper <mike.jum...@guac-dev.org > <mike%20jumper%20%3cmike.jum...@guac-dev.org%3e>> > Reply-to: <user@guacamole.incubator.apache.org> > *To*: user@guacamole.incubator.apache.org > *Subject*: Re: Timeout SSH session > *Date*: Sun, 5 Feb 2017 11:52:58 -0800 > > On Thu, Feb 2, 2017 at 2:45 AM, Mark van den Boogaard < > mark.vanden.booga...@davantigroup.com> wrote: > > Hello all, > > We are using guacamole for a couple of months now but we have some > problems with SSH connections. > We connect to our customers with guacamole via a VPN tunnel. Sometimes we > keep the SSH-session open but we don't use it for a while. Often the > SSH-session freezes when we want to use it again. Is there some way to keep > the SSH-session alive until we logout or until the session timeout kicks in? > > > Guacamole's session timeout only takes effect once all connections are > closed. If a user has an SSH connection open, they should stay logged in, > regardless of whether they are actively using that connection. As far as > Guacamole is concerned, as long as the connection is open, the user is > active. > > What you describe sounds like a bug, assuming there isn't some underlying > network issue causing the disconnect. Is this reliably reproducible? Do you > see anything logged by guacd or Tomcat when the connection unexpectedly > terminates? > > - Mike > > -- > > Met vriendelijke groet / with kind regards, > > *Mark van den Boogaard* > Linux specialist > > > > Mob: +31 6 82241436 <+31%206%2082241436> > E-Mail: mark.van.den.booga...@davantigroup.com > Web: www.davantigroup.com > > *Davanti Warehousing B.V.* > Hogeweg 35E, Postbus 2601, 5300 CB Zaltbommel >
