我遇到过一些情况,我的 Linux 操作系统上的 SSH 连接会处于空闲、冻结和保持打开状态。最终,这会导致 fork 炸弹和以下错误消息:
/etc/profile.d/locallib.sh: fork: retry: No child processes
/etc/profile.d/locallib.sh: fork: Resource temporarily unavailable
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: unexplained error (code 254) at io.c(226) [sender=3.1.1]
设置以下配置是否可以~/.ssh/ssh_config防止这些闲置的 SSH 连接?
Host *
ClientAliveCountMax 3
ClientAliveInterval 0
答案1
我相信您正在寻找的设置是:
ServerAliveInterval 120
ServerAliveCountMax 2
来自 man ssh_config:
ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent
without ssh(1) receiving any messages back from the server. If this
threshold is reached while server alive messages are being sent, ssh
will disconnect from the server, terminating the session. It is
important to note that the use of server alive messages is very dif‐
ferent from TCPKeepAlive (below). The server alive messages are sent
through the encrypted channel and therefore will not be spoofable.
The TCP keepalive option enabled by TCPKeepAlive is spoofable. The
server alive mechanism is valuable when the client or server depend on
knowing when a connection has become inactive.
The default value is 3. If, for example, ServerAliveInterval (see
below) is set to 15 and ServerAliveCountMax is left at the default, if
the server becomes unresponsive, ssh will disconnect after approxi‐
mately 45 seconds.
ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been
received from the server, ssh(1) will send a message through the
encrypted channel to request a response from the server. The default
is 0, indicating that these messages will not be sent to the server.