I currently have to deal with a (arguably broken) firewall which likes to drop connections that have been idle for more than a couple minutes. Unfortunately, while ssh gives me the option of using keepalives, it doesn't give me a way to set the keepalive time, and, since the default is 3 hours, it doesn't do me much good. What I'd love to see is either a KeepAliveTime option indicating a number of seconds between keepalives if KeepAlive is "on", or make KeepAlive itself take a number of seconds as an option. Thanks! -dan danfuzz@milk.com
The "KeepAlive" option enables TCP_KEEPALIVE on the socket which uses a system-wide setting (normally 2 hours according to Stevens.) There is a "Heartbeat" patch for openssh which does what you want, see http://www.sc.isc.tohoku.ac.jp/~hgot/sources/openssh-watchdog.html
Thanks for the reference to the heartbeat patch; I'll probably be installing it shortly. However, I should note that at least on some systems (on mine at least), there *is* a TCP option to change the keepalive time.
You probably want ClientAliveInterval in sshd_config
As mentioned, TCP keepalives are a system-wide setting. On linux you can tweak them using "sysctl -w net.ipv4.tcp_keepalive_time=xxx" or through /proc/sys Adding protocol-level keepalives to the client (they are already in the server) is a separate issue (and bug).
Mass change of RESOLVED bugs to CLOSED