inactivity timeout or disconnect

[Farrell Aultman]

I actually need to do this also.  Here is what I am planning:  One way
to do it would be to add another command line option for the idle
timeout.  Another timeout (based on command line) could be added to
the select().  This "case" would check to see if there has been any
activity, and if not, close down the channel (or this dropbear
process?).  If there was activity before the "case" was selected, set
a flag to indicate no activity.  When there is activity on a channel,
set the flag to indicate such (perhaps ignoring SSH_MSG_IGNORE or
SSH_MSG_DEBUG).  (Note, this implementation would actually check for
2x the inactivity specified).  What was done for -K is very similiar
to what needs to be done here.

Farrell

On Mon, Sep 8, 2008 at 9:53 AM, Matt Johnston <matt at ucc.asn.au> wrote:
> On Thu, Sep 04, 2008 at 09:39:12AM +0800, Ming-Ching Tiew wrote:
>> I think most of you failed to read that this is not an interactive remote
>> signon, this is just a reverse port forward executed in batchmode and
>> it does not execute any shell on the server.
>>
>> Anyway I have got some progress by patching the dropbear source code,
>> it does not seem to be that difficult a change. I am testing if it has any
>> undesirable side effects.



> Yes, I think that the only way to accomplish this is to
> modify Dropbear itself (or perhaps make use of some clever
> iptables rules?). There is already the keepalive timeout,
> triggering something similar for any packet other than
> SSH_MSG_IGNORE or SSH_MSG_DEBUG would probably work? If you
> think the patch would be worth merging send it and I'll take
> a look.
>
> On a somewhat related note, apologies for my lack of
> activity on the list lately - I'll try and get back to some
> of the mails and patches that have been sent over the past
> months.
>
> Cheers,
> Matt
>
>