North American Network Operators Group

Re: Question re. SSH

  • From: Eric Brandwine
  • Date: Wed Mar 20 14:35:07 2002

>>>>> "ss" == Steve Sobol <[email protected]> writes:

ss> Apologies in advance for any operational content this may contain.
ss> I have a customer who wants to get a static ip with his dialup. He
ss> uses SSH extensively and plans to do X11 forwarding, and if he
ss> gets disconnected and redials and gets another IP the previous
ss> sessions would be inaccessible.

ss> I can do static IP but I want to try to save the guy a couple
ss> bucks. :)

ss> Would a static IP be required to make sure he doesn't lose those
ss> X11 sessions after a disconnect?

Required, but not sufficient.

The TCP stack on each side must remain up continuously.  If his TCP
stack resets and he redials, the first packet he gets from the far end
will be met with an RST, and tear down the connection.

The easiest way to do this is to put the modem on a system different
from the SSH endpoint (router, NAT, FW, whatever).  If you are using a
NAT or FW in between, it's critical that the state/translation tables
not be flushed when the dial interface goes down/up.

Of course, if you're running TCP or ssh keepalives (or ssh2 rekeying),
and that happens when the link is down, your connection will go away
anyway.

The proper way to do this is with an X analog of screen.  VNC is one
possibility.  VNC is free, and this would not require a static IP.

Then again, we're talking dialup here.  Your customer should do this a
couple of times before he gets dead set on it.  Even with LBX and
compression on the SSH session, X over dialup is unpleasant.

ericb
-- 
Eric Brandwine     |  The Windows NT philosophy always chooses ease - both
UUNetwork Security |  ease of use and ease of development - over security.
[email protected]       |
+1 703 886 6038    |      - Bruce Schneier
Key fingerprint = 3A39 2C2F D5A0 FC7C  5F60 4118 A84A BD5D  59D7 4E3E