Timeout settings

Matt Johnston matt at ucc.asn.au
Wed Mar 18 22:57:59 AWST 2020


Hi Daniel,

-K is equivalent to the OpenSSH ClientAliveInterval. The server will send traffic to check that the connection is open.

-I will disconnect if there is no traffic for a certain time interval. It won't try to send any traffic over the connection, it just passively looks at what traffic is being sent.

Note that it seems that currently -K messages will cause the -I idle timer to reset which isn't right, there's a pull request https://github.com/mkj/dropbear/pull/90 which I will merge soon.

Cheers,
Matt


> On Wed 18/3/2020, at 7:22 pm, Dániel Fancsali <fancsali at gmail.com> wrote:
> 
> Hello,
> 
> First of all, let me just say this: awesome piece of software. Cheers!
> 
> I am, however, a bit confused about the idle/keepalive settings. I have been working with OpenSSH quite a bit, and do understand the concepts around ServerAlive and ClientAlive as well as the TCPKeepAlive settings. But I still struggle to wrap my head around -K and -I in dropbear. It's a tad bit unclear which one maps to which one; or in other words, which one happends on what layer.
> 
> Maybe, my mistake here is trying to understand those in the context of the OpenSSH settings, but on some level, it's the same protocol.
> 
> So, looking at the code, I think this is what happens:
> - Setting -Kx will send an ssh packed every x seconds, and if there's no answer 3 times in a row, it considers the connection to be dead. So this is essentially ServerAlive/ClientAlive mechanism.
> - Specifying -Iy would say, if there's no incoming or outgoing data for y seconds, it considers the connection dead. So this is sort of the others side of the TCP keepalive coin.
> 
> Is my understanding correct? If not, can someone please shed some light on this for me?
> 
> Regards,
> Daniel



More information about the Dropbear mailing list