SSH Session closed after 48 seconds idle

tg123 / sshpiper

The missing reverse proxy for ssh scp

https://sshpiper.com/

MIT License

974 stars 132 forks source link

SSH Session closed after 48 seconds idle #383

Closed Nils98Ar closed 4 months ago

Nils98Ar commented 4 months ago

Any idea how to troubleshoot this?

time="2024-05-16T13:04:34Z" level=info msg="ssh connection pipe created XXX.XXX.XXX.XXX:12295 (username [user-src]) -> ZZZ.ZZZ.ZZZ.ZZZ:22 (username [user-dest])"
time="2024-05-16T13:04:36Z" level=debug msg="connection accepted: YYY.YYY.YYY.YYY:35197"
time="2024-05-16T13:05:24Z" level=info msg="connection from XXX.XXX.XXX.XXX:12295 closed reason: EOF"
time="2024-05-16T13:05:26Z" level=debug msg="connection from YYY.YYY.YYY.YYY:35197 establishing failed reason: EOF"

Nils98Ar commented 4 months ago

The upstream side sshd only logs:

sshd[706]: pam_unix(sshd:session): session closed for user user-dest
sshd[678]: syslogin_perform_logout: logout() returned an error

tg123 commented 4 months ago

can you ssh -vv to user-dest @ zzz directly without piper? likely zzz closed connection and did not give any reason

aytugaov commented 4 months ago

Without using the sshpiper (directly ssh from pod to pod) the ssh session is not closed. Even after minutes of idle. Do you need any logs?

tg123 commented 4 months ago

any luck to capture package? wish to know which side initiated the close

could you please also add keepalive at client side? (downstream, ssh client)

Nils98Ar commented 4 months ago

Was not a problem of sshpiper :) 50.000ms where the default timeouts on the loadbalancer...

In our case (OpenStack) we increased it to 24 hours via annotations in the k8s loadbalancer type service:

apiVersion: v1
kind: Service
metadata:
  annotations:
    loadbalancer.openstack.org/timeout-client-data: "86400000"
    loadbalancer.openstack.org/timeout-member-data: "86400000"
[...]

Thank you for your help!