-rw-r--r-- | readconf.c | 14 | ||||
-rw-r--r-- | ssh_config.5 | 21 | ||||
-rw-r--r-- | sshd_config.5 | 3 |
3 files changed, 34 insertions, 4 deletions
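--- a/readconf.c
+++ b/readconf.c
@@ -173,6 +173,7 @@ typedef enum {
 oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys,
 oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes,
 oPubkeyAcceptedKeyTypes, oProxyJump,
+oProtocolKeepAlives, oSetupTimeOut,
 oIgnoredUnknownOption, oDeprecated, oUnsupported
 } OpCodes;
 
@@ -321,6 +322,8 @@ static struct {
 { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes },
 { "ignoreunknown", oIgnoreUnknown },
 { "proxyjump", oProxyJump },
+{ "protocolkeepalives", oProtocolKeepAlives },
+{ "setuptimeout", oSetupTimeOut },
 
 { NULL, oBadOption }
 };
@@ -1417,6 +1420,8 @@ parse_keytypes:
 goto parse_flag;
 
 case oServerAliveInterval:
+case oProtocolKeepAlives: /* Debian-specific compatibility alias */
+case oSetupTimeOut: /* Debian-specific compatibility alias */
 intptr = &options->server_alive_interval;
 goto parse_time;
 
@@ -2070,8 +2075,13 @@ fill_default_options(Options * options)
 options->rekey_interval = 0;
 if (options->verify_host_key_dns == -1)
 options->verify_host_key_dns = 0;
-if (options->server_alive_interval == -1)
-options->server_alive_interval = 0;
+if (options->server_alive_interval == -1) {
+/* in batch mode, default is 5mins */
+if (options->batch_mode == 1)
+options->server_alive_interval = 300;
+else
+options->server_alive_interval = 0;
+}
 if (options->server_alive_count_max == -1)
 options->server_alive_count_max = 3;
 if (options->control_master == -1)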
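Review bot: The comment on the new batch-mode default in fill_default_options, `/* in batch mode, default is 5mins */`, does not say why unattended sessions differ, nor that the branch is only reached while the interval is still -1, so an explicit `ServerAliveInterval 0` keeps the probes off. I would replace it with `/* Debian-specific: BatchMode sessions default to a 300 s server-alive probe so a dead link is noticed; an explicitly configured value, including 0, is left untouched */`. With the `server_alive_count_max` default of 3 set in the lines just below, the session is presumably torn down only after several unanswered probes rather than at the five-minute mark, which deserves a word in the same comment. The function begins and ends outside this hunk, so the placement of the `batch_mode` default relative to this test is not visible here.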
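--- a/ssh_config.5
+++ b/ssh_config.5
@@ -250,8 +250,12 @@ Valid arguments are
 If set to
 .Cm yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default (Debian-specific).
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Cm yes
 or
@@ -1509,7 +1513,14 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set (Debian-specific).
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StreamLocalBindMask
 Sets the octal file creation mode mask
 .Pq umask
@@ -1568,6 +1579,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.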
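--- a/sshd_config.5
+++ b/sshd_config.5
@@ -1447,6 +1447,9 @@ This avoids infinitely hanging sessions.
 .Pp
 To disable TCP keepalive messages, the value should be set to
 .Cm no .
+.Pp
+This option was formerly called
+.Cm KeepAlive .
 .It Cm TrustedUserCAKeys
 Specifies a file containing public keys of certificate authorities that are
 trusted to sign user certificates for authentication, or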