[CentOS] Problem with ssh disconnecting

Mon Feb 12 23:34:02 UTC 2018
Stephen John Smoogen <smooge at gmail.com>

On Mon, Feb 12, 2018 at 6:25 PM H <agents at meddatainc.com> wrote:

> Running CentOS 7 on workstation and having a problem with ssh disconnects.
> My ssh_config contains:
>
> Host *
> TCPKeepAlive yes
> ServerAliveInterval 30
> ServerAliveCountMax 300
>
> and sshd_config on the server contains:
>
> TCPKeepAlive yes
> ClientAliveInterval 60
> ClientAliveCountMax 300
>
> Have I missed any setting needed to prevent these random disconnects? I
> don't think there is anything wrong with the network card, the driver, or
> the cable, since if I am on a VPN connection via another server, the VPN
> and any ssh connection stay up indefinitely.
>
> Thanks.



There are usually 2 different reasons for this:
1. The VPN is UDP and times out/drops keeps alives so that they no longer
function properly. [The UDP connection will make it look like you have a
new SSH connection which of course the system will drop because that would
allow for security problems.]

2. A firewall in the chain of things (system you are on, the system you are
going to, or somewhere in between) has session flushing issues. If you have
the firewall set up to only accept NEW port 22 connections and then just
looks to see if the ESTABLISHED, RELATED tables are accepted elsewhere then
if the session somehow ages out or is flushed due to usage, the ssh
connection can get dropped.

The solution to one is to see if a TCP VPN fixes the problem. The second
one is to either make the iptables kernel tables larger or to have all port
22 accepted even if it is not ESTABLISHED.

These aren’t the only ways the problem you see can occur but they are some
of the most common I have run into.



>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
-- 
Stephen J Smoogen.