解决SSH客户端会话超时

in 互联网技术 with 0 comment  访问: 2,794 次

通常默认公有云上的ECS远程连接,很容易断开,当你有什么事情被打断或者去操作别的机器同步做点其他事情,你会发现你SSH客户端登录窗口经常会断开掉,非常烦人,经常要重新登录。
nihenfan.gif
如果用一些Windows下客户端软件比如XShell or CRT都会有超时时间和心跳检测次数设置,但是默认Mac下的终端 Or Linux下直接远程命令客户端是没有这个设置窗口的。
image-20200701223636739.png
没事菜菜有办法,下面就教你正确姿势.

1. Client端设置

万事先从本身先思考,如果能够先搞自己,就别搞别人,因为搞C你很容易负责,搞S搞坏了,那有时候就会很蛋疼,因为一般S会跑一些业务,C坏了,大不了一起从头再来,至少自做的饭在难吃,你也会咽下去,S坏了有可能你就要付出惨痛的代价, 所以先搞C端是比较Nice的选择。

SSH Client会从以下途径获取配置参数:

  1. SSH命令行参数;
  2. 用户配置文件 (~/.ssh/config);
  3. 系统配置文件 (/etc/ssh/ssh_config)。

姿势1

ssh -o ServerAliveInterval=60 -o ServerAliveCountMax=30 root@10.0.1.25 -p22

姿势2

$ vim ~/.ssh/config #添加如下内容
Host *
    ServerAliveInterval 60
    ServerAliveCountMax 30

姿势3

$ vim /etc/ssh/ssh_config # 在Host *下面添加:

Host *
       SendEnv LANG LC_*
       ServerAliveInterval 60
       ServerAliveCountMax 30

如果三个都设置了读取顺序是否是姿势1 ---> 姿势2 ---> 姿势3:
image-20200702003156495.png
image-20200718224328382.png

说明:

本地SSH Client每隔60s向Server端SSHD发送 keep-alive 包,如果发送30次, Server端还无回应则断开连接。

2. Server端设置

SSH Server在这里就是服务器端的sshd服务(类Unix的系统都有),可以通过修改sshd的配置文件来改变SSH Session的超时时间:

vim /etc/ssh/sshd_config

然后找到下面两项:

ClientAliveInterval 60
ClientAliveCountMax 30

这两项默认可能是注释掉的,去掉#,然后如上设置.

说明:

更多参考man ssh_config:

ServerAliveCountMax Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.

The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.

ServerAliveInterval Sets a timeout interval in seconds after which if no data has been received from the server, ssh(1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.

taolu.jpg

参考:

https://15tar.com/linux/2017/07/31/ssh-session-timeout.html

http://einverne.github.io/post/2017/05/ssh-keep-alive.html

https://daemon369.github.io/ssh/2015/03/21/using-ssh-config-file

https://www.jianshu.com/p/1246cfdbe460

https://www.jianshu.com/p/92d60c6c92ef

https://www.hi-linux.com/posts/14346.html

https://stackoverflow.com/questions/25084288/keep-ssh-session-alive

WeZan