<div dir="ltr">Hmm dbclient worked well for me after that patch. But I was connecting to a dropbear server, not OpenSSL server...<div><br><div>I've migrated to OpenWRT with 8MB of flash too, and I ended up rewriting my own tunnel solution based on OpenSSL. There are much smaller SSL clients out there that can be used for free for non-commercial products, but requires to pay for a license for commercial use. I don't remember exactly the name of the one we looked at (that was few years ago).</div>
<div><br></div><div>Regards,</div><div>Fabrizio</div><div><br></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Jul 5, 2014 at 2:14 AM, Jesse Molina <span dir="ltr"><<a href="mailto:jesse@opendreams.net" target="_blank">jesse@opendreams.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
Fabrizio Bertocci contacted me and let me know that this seems to be a known issue.<br>
<br>
<a href="https://www.mail-archive.com/dropbear@ucc.asn.au/msg00701.html" target="_blank">https://www.mail-archive.com/<u></u>dropbear@ucc.asn.au/msg00701.<u></u>html</a><br>
<br>
<a href="https://www.mail-archive.com/dropbear@ucc.asn.au/msg00980.html" target="_blank">https://www.mail-archive.com/<u></u>dropbear@ucc.asn.au/msg00980.<u></u>html</a><br>
<br>
<br>
<br>
The work I am doing is on an OpenWRT device with 8MB of flash, so local space is very limited. I had to install the OpenSSL client yesterday, which took up nearly an additional 2MB of space, but at least it works. It would be nice to use dbclient instead, but it's idle timer is just straight-up broken when used with -N -R.<br>
<br>
This works as expected with OpenSSL client:<br>
<br>
ssh -i $SSH_KEYFILE -o "ServerAliveInterval=15" -o "ServerAliveCountMax=4" -N -R $SSH_PROXY_PORT:localhost:22 $SSH_USER@$SSH_HOST<div class="HOEnZb"><div class="h5"><br>
<br>
<br>
<br>
On 7/4/14, 3:57, Jesse Molina wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Hello<br>
<br>
I am doing this:<br>
<br>
ssh -K 3 -I 60 -i keyfile -N -R 2222:localhost:22 user@host<br>
<br>
I am intending a dropbear ssh client to set up a reverse proxy connection to a server, so I am using -N and -R.<br>
<br>
I am also using -K and -I so that the connection sends keepalives and will timeout if the network is disrupted.<br>
<br>
My problem is that the above results in the session dying 60 seconds after setup is finished because the idle timeout is being hit. I am not sure how -I is metering inbound traffic, but it's apparently not picking up anything.<br>
<br>
Note that I have "ClientAliveInterval 15" set on the sshd_config server side. I would expect dropbear to count this traffic towards -I.<br>
<br>
Without -I above, it took my device 18 minutes to figure out that I had pulled the network out from under it by shutting down the interface. That isn't acceptable.<br>
<br>
Can dropbear do this, or do I need to use openssh? I get the feeling after reading what I have read that dropbear is too simple to figure out when the server has gone away in most situations.<br>
<br>
<br>
<br>
Relevant:<br>
<br>
<a href="https://www.mail-archive.com/dropbear@ucc.asn.au/msg00978.html" target="_blank">https://www.mail-archive.com/<u></u>dropbear@ucc.asn.au/msg00978.<u></u>html</a><br>
<br>
<a href="https://www.mail-archive.com/dropbear@ucc.asn.au/msg00648.html" target="_blank">https://www.mail-archive.com/<u></u>dropbear@ucc.asn.au/msg00648.<u></u>html</a><br>
<br>
<a href="https://www.mail-archive.com/dropbear@ucc.asn.au/msg00402.html" target="_blank">https://www.mail-archive.com/<u></u>dropbear@ucc.asn.au/msg00402.<u></u>html</a><br>
<br>
Thanks in advance.<br>
</blockquote>
<br>
</div></div></blockquote></div><br></div>