[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SSH connection timeout?



On 2/16/07, Wes Hardin <whardin dalsemi com> wrote:
 > What the parent process is doesn't matter though as long as sshd is in
 > the cmdline for whatever it is.

Agreed.  The script assumes there probably aren't going to be many things that
spawn a shell that include "sshd" in the cmdline.

 > sshd in there it sets TMOUT. So why wouldn't it set TMOUT if I just
 > ran that telnet command?

Are you worried about it setting TMOUT on the machine you're on or the one
you're connecting to?  Remember, the command you run has to start a shell as a
child process for this to take effect, and even then, it would only affect the
child.  Running "ls sshd" is not going to have any effect on your current shell.

It seems you're using a Kerberized telnet configuration, so I can't test that
exactly, but with my own simple telnet test, the parent process for my shell
after telnet'ing was "login --username".  Your telnet client does not spawn the
shell, so the cmdline for telnet client is irrelevant.  Unless your username
contains "sshd", "sshd" shouldn't appear in the remote shell's parent process
cmdline when telnet'ing.  Same goes for rsh.

Now if you ran "xterm -lf sshd", that would incorrectly set TMOUT.

Good analysis. I really didn't want to think about it this much. Just
pointing out to the person who was using it that it might apply to
something unexpected, especially since it was intentionally crafted to
only catch ssh connections. With your help and that of others he can
now think some about whether he cares and what to do about it if he
does. I tend to have the opposite problem of not wanting my ssh
connections to go away. :)

John


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]