On Sat, 13 May 2006 17:49:24 +0200 Anders Ellenshøj Andersen wrote: > lørdag 13 maj 2006 17:36 skrev Jonas Smedegaard: > > > Opsummering: > > > > > > Drop 'KeepAlive yes' > > > Indsæt 'ClientAliveInterval nn' > > > > > > i sshd_config. > > > > ...eller prøv istedet: > > > > Indsæt 'TcpKeepAlive yes' > > Mnjaaa.. Se spørgsmålet er hvad forskellen er på disse to? > > Fordele/ulemper.. 'info ssh_config' under ServerAliveCountMax: > It is important to note that the use of server alive messages is very > different from TCPKeepAlive (below). The server alive messages are > sent through the encrypted channel and therefore will not be > spoofable. The TCP keepalive option enabled by TCPKeepAlive is > spoofable. ...og under TCPKeepAlive: > This option only uses TCP keepalives (as opposed to using ssh level > keepalives), so takes a long time to notice when the connection > dies. As such, you probably want the ServerAliveInterval option as > well. However, this means that connections will die if the route is > down temporarily, and some people find it annoying. (bemærk at jeg kiggede i konfigurationsfilen til _klienten_ - derfor "server" fremfor "client" som du foreslog) - Jonas -- * Jonas Smedegaard - idealist og Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ - Enden er nær: http://www.shibumi.org/eoti.htm
Attachment:
pgpFDh3rNeNFz.pgp
Description: PGP signature