search

Berimor66 / duplicati

Automatically exported from code.google.com/p/duplicati
0 stars 0 forks source link

Constant SSH connection #387

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Startup Shorewall (Firewall)
2. Start Initial backup (13 GB)
3. Program Stops due to connection timed out. 

What is the expected output? What do you see instead?
Continued uploading. 

What version of the product are you using? On what operating system?
1.2 beta 2 64bit on Win 7 64 bit

What backend (destination) are you using?
SSH (SFTP)

Please provide any additional information below.
I have a connection request time limit set on my server's firewall that only 
allows 5 SSH connections opened/closed from the same host within 60 seconds. So 
if more than 5 connections are tried within 60 seconds, the server blocks the 
host. Is there anyway that your program can establish the connection, then send 
the files within the same connection? I have this block setup to prevent brute 
force attempts from the outside. Thanks!

Original issue reported on code.google.com by drbr...@gmail.com on 21 Mar 2011 at 12:23

GoogleCodeExporter commented 9 years ago 
No, not currently.

The unmanaged implementation relies on an external program for executing the 
commands, so it would be fairly difficult to rewrite that part to support a 
continuous connection.

This can be performed more easily with the default managed implementation, as 
there is more control of the link that way.

The reason that it does not keep the connection open, is that there may be a 
large delay between each file upload (busy, pause, etc.) so the connection may 
time out. By re-opening the connection between each operation, it also ensures 
that errors do not pile up, so one transfer may affect the outcome of another.

I will try to see if this can be fixed in 2.0, as it can also improve 
performance a bit.

In the meantime, have you considered something like denyhosts:
http://denyhosts.sourceforge.net/

I have used that on my servers for a long time, and it generally catches all 
brute force attacks.

Original comment by kenneth@hexad.dk on 21 Mar 2011 at 11:39

GoogleCodeExporter commented 9 years ago 
Alright! That is good to know! Thanks for the tip on DenyHosts. It looks very 
good!

Original comment by drbr...@gmail.com on 21 Mar 2011 at 3:14

GoogleCodeExporter commented 9 years ago 
This is now fixed in trunk a new preview release will be up shortly.

Original comment by kenneth@hexad.dk on 24 Sep 2011 at 11:41