In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-15 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >
Share
Shulou(Shulou.com)06/01 Report--
Ssh tunneling technology is mainly used:
The reason why the tunnel is often automatically disconnected: the tunnel may be disconnected for some reasons, such as machine restart, no data communication for a long time, being cut off by the router, and so on.
OpenSSH for security reasons, if a user is idle for a period of time after connecting to SSH Server, SSH Server will automatically terminate the SSH connection after a certain time has elapsed.
To maintain a long connection, we need to understand these parameters:
TCPKeepAlive yes/no for ssh and sshd
ClientAliveCountMax for sshd
ClientAliveInterval for sshd
ServerAliveCountMax for ssh
ServerAliveInterval for ssh
To enable the keep alive system-wide (root access required), edit / etc/ssh/ssh_config; to set the settings for just your user, edit ~ / ssh/config (create the file if it doesn't exist). Insert the following:
Host *
ServerAliveInterval 300
ServerAliveCountMax 2
You can also make your OpenSSH server keep alive all connections with clients by adding the following to / etc/ssh/sshd_config:
ClientAliveInterval 300
ClientAliveCountMax 2
Connection idle timeout setting
ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent without ssh (1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.
The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.
ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received from the server, ssh (1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.
Here are the explanations of several parameters:
TCPKeepAlive Specifies whether the system should send TCP keepalive messages to the other side. If they are sent, death of the connection or crash of one of the machines will be properly noticed. However, this means that connections will die if the route is down tem- porarily, and some people find it annoying. On the other hand, if TCP keepalives are not sent, sessions may hang indefinitely on the server, leaving "ghost" users and consuming server resources. The default is "yes" (to send TCP keepalive messages), and the server will notice if the network goes down or the client host crashes. This avoids infinitely hanging sessions. To disable TCP keepalive messages, the value should be set to "no". ClientAliveCountMax Sets the number of client alive messages (see below) which may be sent without sshd (8) receiving any messages back from the client. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the ses- sion. It is important to note that the use of client alive mes- sages is very different from TCPKeepAlive (below). The client alive messages are sent through the encrypted channel and there- fore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The client alive mechanism is valu- able when the client or server depend on knowing when a connec- tion has become inactive. The default value is 3. If ClientAliveInterval (see below) is set to 15, and ClientAliveCountMax is left at the default, unre- sponsive SSH clients will be disconnected after approximately 45 seconds. This option applies to protocol version 2 only. ClientAliveInterval Sets a timeout interval in seconds after which if no data has been received from the client, sshd (8) will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol ver- sion 2 only. ServerAliveInterval Sets a timeout interval in seconds after which if no data has been received from the server, ssh (1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server. This option applies to protocol version 2 only. ServerAliveCountMax Sets the number of server alive messages (see below) which may be sent without ssh (1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and there- fore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valu- able when the client or server depend on knowing when a connec- tion has become inactive. The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only.
#! / bin/bash
#
# date:2016-12-20 #
# author:victor #
# description: #
# this shell script is for improving the network performance to www.google.com#
#
Ssh_Pid= `ps aux | grep' 192.168.1.53' | grep-v 'grep' | awk' {print $2}'`
Kill $Ssh_Pid
Ssh-f-w 0:0 192.168.1.53 true
Ifconfig tun0 192.168.100.2 netmask 255.255.255.252
Ssh root@192.168.1.53 "ifconfig tun0 192.168.100.1 netmask 255.255.255.252"
Route add-host 192.168.1.53 dev eth0
Route del-net 0.0.0.0
Route add-net 0.0.0.0 dev tun0
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.