HPE Community
Operating System - HP-UX
1834088 Members
2577 Online
110063 Solutions
New Discussion

SSH Hangup on client if server is down

 
Shailesh Joshi
Occasional Advisor

‎04-12-2005 08:24 PM

‎04-12-2005 08:24 PM

SSH Hangup on client if server is down

Hello,

We are using ssh/scp in scripts to browse to different servers. When we try to do ssh/scp from client to server(which is down), client just hangs and does not return causing whole script to hang.

We want ssh/scp to come out after waiting for some amount of time(e.g. 15 secs) and return non zero value.

Is there any solution(like some parameter in sshd_config file) which can prevent this hang?

Tried using TMOUT variable
e.g.
$TMOUT=1 ; ssh "command"; TMOUT=0
But it did not work.

Help please !!!!
Thanks in advance.

Regards,
Shailesh
0 Kudos
Reply
10 REPLIES 10
Michael Selvesteen_2
Trusted Contributor

‎04-12-2005 11:57 PM

‎04-12-2005 11:57 PM

Re: SSH Hangup on client if server is down


Set "ConnectTimeout" directive to value 15 in ssh client configuration file (ssh_config)

This will enforce your ssh client to stop connecting to the server when timeout is reached.

You will see a message as below for an example command

# ssh -l ssh lan.sun.com -o'ConnectTimeout 1' date


ssh: connect to host lan.sun.com port 22: Connection timed out

All The Best !
0 Kudos
Reply
Shailesh Joshi
Occasional Advisor

‎04-13-2005 12:43 AM

‎04-13-2005 12:43 AM

Re: SSH Hangup on client if server is down

Hi Michael,

Thanks for the reply.
Tried doing that, but it seems like ConnectTimeout is not supported option with my SSH version

#ssh -o'ConnectTimeout 1' date
command-line: line 0: Bad configuration option: ConnectTimeout

we are using following version of SSH -
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL
SSH Version Sun_SSH_1.0.1 on another machine

Checked man ssh_config, it has one more parameter ConnectionAttempts [Specifies the number of tries (one per second) to make before exiting. The argument must be an integer. This may be useful in scripts if the connection sometimes fails. The default is 1.]

Tried that too.
ssh -o'ConnectionAttempts 1' date
But it hangs indefinitely.

What else could be the problem?

Regards,
Shailesh
0 Kudos
Reply
Pratyush Paul_1
Valued Contributor

‎04-14-2005 12:13 AM

‎04-14-2005 12:13 AM

Re: SSH Hangup on client if server is down

Hi -

Can you please let us know the version of ssh you are using. the sshd_config is the file which needs modification. And what Mike did was right.

Thanks

Pratyush
Die Hard
0 Kudos
Reply
Ermin Borovac
Honored Contributor

‎04-14-2005 12:44 AM

‎04-14-2005 12:44 AM

Re: SSH Hangup on client if server is down

Version 3.4p1 is way too old. You should upgrade to the latest version (4.0p1) as older versions have many serious security bugs.

Having said that, even 3.4p1 with ConnectionAttempts set to 1, should timeout after about 75 seconds (TCP timeout?).
0 Kudos
Reply
rick jones
Honored Contributor

‎04-14-2005 04:21 AM

‎04-14-2005 04:21 AM

Re: SSH Hangup on client if server is down

Indeed, any application calling connect() to connect to a remote IP (host) that is down (not responding) should have connect() timeout after roughly tcp_ip_abort_cinterval time units on HP-UX 11.X

It would be best to use an applications built-in timout mechanism though as altering tcp_ip_abort_cinterval will affect _all_ applications.

(Yes, that is "cinterval" and not "interval" - tcp_ip_abort_interval is for established connections).

You might consider taking a tusc trace of the client to see if perhaps it is making more than one connect() call.
there is no rest for the wicked yet the virtuous have no pillows
0 Kudos
Reply
Shailesh Joshi
Occasional Advisor

‎04-14-2005 05:43 AM

‎04-14-2005 05:43 AM

Re: SSH Hangup on client if server is down

Hi Ermin,

Thanks a lot for your suggestion regarding Old version of SSH. We are looking to upgarde it.

According to last line in your reply, I checked whether sessions times out after 75 seconds. They do timeout wherever OpenSSH is installed. But on other machines(where we are using SSH Version Sun_SSH_1.0.1) on Solaris, it does not time out and just hangs. Is this a problem with Sun version of SSH? Here we are using is is "SunOS 5.9 Generic_117171-01 sun4u sparc SUNW,Sun-Fire-V240"

Why ConnectionAttempts option does not work with OpenSSH? Is this a bug with version OpenSSH_3.4p1 or there is some other system level problem? Here we are running on "SunOS 5.8 Generic_117350-06 sun4u sparc SUNW,Sun-Fire-880"
Thanks and Regards,
Shailesh
0 Kudos
Reply
RAC_1
Honored Contributor

‎04-14-2005 06:10 AM

‎04-14-2005 06:10 AM

Re: SSH Hangup on client if server is down

How about putting ping host -n 2 before ssh/scp,if it errors, do not do ssh/scp.

Anil
There is no substitute to HARDWORK
0 Kudos
Reply
Ermin Borovac
Honored Contributor

‎04-14-2005 12:21 PM

‎04-14-2005 12:21 PM

Re: SSH Hangup on client if server is down

ConnectionAttempts works OK, as far as I can see. It makes ssh use connect() system call only once if ConnectionAttempts is set to 1. The only difference is connect() timeout, which is different on HP-UX (75 sec) and Solaris (225 sec).

If you install newer version of ssh, you will be able to set ConnectTimeout to use instead of system TCP timeout.

0 Kudos
Reply
Shailesh Joshi
Occasional Advisor

‎04-14-2005 11:52 PM

‎04-14-2005 11:52 PM

Re: SSH Hangup on client if server is down

Hello

Following is the respective outputs of "date ; ssh -p 922 -v -v -v linuxdba ; date" on machines where OpenSSH and Sun_SSH are installed -
Open_SSH
-----------------------------------------------------------------------------
$ssh -V
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090604f
$ date ; ssh -p 922 -v -v -v ; date
Fri Apr 15 01:25:16 EDT 2005
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090604f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to port .
ssh: connect to address port : Connection timed out
Fri Apr 15 01:29:01 EDT 2005
-----------------------------------------------------------------------------
Sun_SSH
-----------------------------------------------------------------------------
$ date ; ssh -p -v -v -v ; date
Fri Apr 15 01:24:08 EDT 2005
SSH Version Sun_SSH_1.0.1, protocol versions 1.5/2.0.
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 100 geteuid 100 anon 1
debug1: Connecting to port .
debug1: connect: Connection timed out
debug1: Trying again...
debug1: Connecting to port .
debug1: connect: Connection timed out
debug1: Trying again...
debug1: Connecting to port .
debug1: connect: Connection timed out
debug1: Trying again...
debug1: Connecting to port .
debug1: connect: Connection timed out
Secure connection to on port refused; reverting to insecure method.
Using rsh. WARNING: Connection will not be encrypted.
/usr/bin/rsh -l oracle
.gefa.capital.ge.com: Connection timed out
Fri Apr 15 01:42:55 EDT 2005
-----------------------------------------------------------------------------
On Sun machine is did come out, but after long time, after multiple tries. Is this the default behaviour (To try multiple times) for Sun_SSH? Or some parameter setting in ssh_config which is given below. Do we need "FallBackToRsh yes" in ssh_config file?

Contents of /etc/ssh/ssh_config on Sun machines are -

Host *
Port 922
ForwardAgent no
ForwardX11 yes
# PubkeyAuthentication yes
# PasswordAuthentication yes
FallBackToRsh yes
# UseRsh no
BatchMode no
CheckHostIP no
# StrictHostKeyChecking ask
# EscapeChar ~

Thanks and Regards,
Shailesh
0 Kudos
Reply
Ermin Borovac
Honored Contributor

‎04-15-2005 01:06 AM

‎04-15-2005 01:06 AM

Re: SSH Hangup on client if server is down

It looks like Sun's ssh has different compiled in value for ConnectionAttempts. You can change it by modifying /etc/ssh/ssh_config. If you set ConnectionAttempts to 1 this will reduce connection time to the same value as with OpenSSH.

So modify /etc/ssh/ssh_config as follows

ConnectionAttempts 1
FallBackToRsh no
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.