2

I'm using the following command on a client for port tunneling:

autossh -M 20000 -4 -N -f -R 18822:localhost:22 <user>@<vps-ip>

Sometimes the client would lose connection or power for a short while, and when it's back online, the SSH process on the VPS is still active. A new process appears when the client connects again, but the port forwarding isn't working (I assume the first process still occupies the port).

I thought I could fix this by making the following changes:

Added to the end of VPS' /etc/ssh/sshd_config:

ClientAliveInterval 90
ClientAliveCountMax 2

Added to the end of client's /etc/ssh/ssh_config:

ServerAliveInterval 90
ServerAliveCountMax 2

From this answer and my general understanding of those features, I was under the impression that this would try 2 times to send a null packet every 90 seconds, and if that fails, so, after 180 seconds, the connection will die off due to a "broken pipe", the SSH process on the VPS will be killed and the port can be used again by the client.

However it's now been 20 minutes since the client shut down and the SSH process is still existing on the VPS, occupying the port. (Update: The process disappeared after ~25-30 minutes)

Is my understanding of the above wrong? How would I go on about checking if the connection is still alive and closing it if the client doesn't answer back anymore?

confetti
  • 1,964
  • Are you sure the process is a zombie?: a zombie is a dead process that has freed all of its resources (expect PID, return state), but the OS is waiting for the parent process to acknowledge that it is dead. What you are discussing is something else. – ctrl-alt-delor Nov 04 '18 at 13:04
  • 1
    @ctrl-alt-delor It's not a zombie, that's why I put quotes around it. I should edit that. It's a regular process in running state, but the connection is down since a long time without SSH noticiting it and closing the connection/process properly after the limit I set. | Edited the question. – confetti Nov 04 '18 at 13:05
  • Since it looks like you are testing right now: have you restarted sshd on the server? – fra-san Nov 04 '18 at 13:51
  • @fra-san Yes, that does get rid of the processes, but that's not a permanent solution. – confetti Nov 04 '18 at 13:52
  • Sorry, my question wasn't clear. I was talking about restarting the server to let it reload its configuration after you changed it. – fra-san Nov 04 '18 at 13:54
  • @fra-san Oh I'm sorry. Yes I did that right after making the change. – confetti Nov 04 '18 at 13:56

0 Answers0