diff options
| author | nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2014-03-29 17:05:35 +0000 |
|---|---|---|
| committer | nbd <nbd@3c298f89-4303-0410-b956-a3cf2f4a3e73> | 2014-03-29 17:05:35 +0000 |
| commit | 1f28f63f248f9a13bb51612e5a90edb333f6d244 (patch) | |
| tree | 2c43817554cd176de779467df4bd83d8722a808b /package/network | |
| parent | a31d36b473e15e210263bd67cbf2a085619892f5 (diff) | |
dropbear: add options SSHKeepAlive and IdleTimeout.
Without timeout mechanism, if ssh client disconnected without sending
FIN or RST, forked dropbear servers would hang there for
KEX_RETRY_TIMEOUT seconds (8 hours).
TCP keepalive is not implemented in dropbear yet, thus the name
SSHKeepAlive.
300 seconds in this patch is selected from the default value of
ServerAliveInterval for Debian ssh client (See man ssh_config).
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@40299 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'package/network')
| -rwxr-xr-x | package/network/services/dropbear/files/dropbear.init | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/package/network/services/dropbear/files/dropbear.init b/package/network/services/dropbear/files/dropbear.init index 93dc3d9694..19aab3653b 100755 --- a/package/network/services/dropbear/files/dropbear.init +++ b/package/network/services/dropbear/files/dropbear.init @@ -44,7 +44,9 @@ validate_section_dropbear() 'rsakeyfile:file' \ 'dsskeyfile:file' \ 'BannerFile:file' \ - 'Port:list(port):22' + 'Port:list(port):22' \ + 'SSHKeepAlive:uinteger:300' \ + 'IdleTimeout:uinteger:0' return $? } @@ -74,6 +76,8 @@ dropbear_instance() [ -n "${BannerFile}" ] && procd_append_param command -b "${BannerFile}" [ -n "${Interface}" ] && network_get_device Interface "${Interface}" append_ports "${Interface}" "${Port}" + [ "${IdleTimeout}" -ne 0 ] && procd_append_param command -I "${IdleTimeout}" + [ "${SSHKeepAlive}" -ne 0 ] && procd_append_param command -K "${SSHKeepAlive}" procd_close_instance } |