EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSH - dropped connection

Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages
#11563
Posted: 11/05/2009 07:44:08
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

We are using SSH ActiveX controls. We are experiencing a weird situation in production. The SSH Client has been added behind the scenes of a emulator of DG470 terminal session. Things work fine for some time but suddenly the connection drops.
We added SendKeepAlive() calls every second (not recommended) to keep the session alive, but it still drop after sending keepalive messages for upto a minute of inactivity.
The SSH server is openssh running on IBM AIX. We have looked at the configuration of SSH server with IBM and they do not see any configuration where the server would drop the connection.
Have you seen such issue before? Is there anything we can do in the activex controls which will give us more information or which will prevent the connection drops?

Thanks
#11564
Posted: 11/05/2009 07:59:00
by Eugene Mayevski (EldoS Corp.)

1) Do you handle OnError / OnSSHError (whichever is present) event? If yes, is anything reported? This error reports SSH protocol errors. If there's a socket error happening, the exception is thrown.
2) What exactly version of SecureBlackbox are you using? If it's some older version (such as version 6), please try your scenario with version 7.
3) Try to look into server's log if possible. It might contain some useful information about why the connection is dropped.


Sincerely yours
Eugene Mayevski
#11695
Posted: 11/16/2009 15:03:47
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

This is what i see after we trapped the onError events.
Code
<Winsock1_Error>11/16/2009 2:02:30 PM
127 151 156 163 157 143 153 40 150 141 163 40 145 162 162------->Winsock has err
157 162 40 56 40 116 165 155 142 145 162 40 72 40 61------->or . Number : 1
60 60 65 63 40 104 145 163 143 162 151 160 164 151 157------->0053 Descriptio
156 40 72 40 103 157 156 156 145 143 164 151 157 156 40------->n : Connection
151 163 40 141 142 157 162 164 145 144 40 144 165 145 40------->is aborted due
164 157 40 164 151 155 145 157 165 164 40 157 162 40 157------->to timeout or o
164 150 145 162 40 146 141 151 154 165 162 145 40 123 143------->ther failure Sc
157 144 145 40 72 40 40 55 62 61 64 66 70 61 70------->ode :  -2146818
62 63 65 40 123 157 165 162 143 145 40 72 40 103 72------->235 Source : C:
134 127 111 116 104 117 127 123 134 163 171 163 164 145 155------->\WINDOWS\system
63 62 134 155 163 167 151 156 163 143 153 56 157 143 170------->32\mswinsck.ocx
<Winsock1_Error>


According to error code 10053 the host dropped the connection. Please let me know if you have seen this before, or if you have any suggestion. We will on our side do the due dilligence on identifying the issue.
This mostly occurs when the client is connected via a VPN to our server.

thanks
#11697
Posted: 11/16/2009 23:33:04
by Ken Ivanov (EldoS Corp.)

I have already answered to Peter Zheng in the Helpdesk, but have another idea now -- would it be possible for you to check if SimpleSSHDemo (included to the distribution) exposes the same issue?
#11703
Posted: 11/17/2009 07:46:06
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

I have tried the simplesshclient, but there was no set time duration for the issue to occur. It can happen anytime, sometimes two to four hours and sometimes 3 to 6 minutes. Thats why we could not debug this issue properly.
What should we be looking for via the simplesshclient?
#11704
Posted: 11/17/2009 08:22:20
by Ken Ivanov (EldoS Corp.)

Did you have a chance to notice if the disconnect occurs after certain amount of data being transferred (in both directions) or maybe as a result of some particular command?
#11705
Posted: 11/17/2009 08:57:27
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

We did not see disconnects when we used it for a small amount of time.
#11707
Posted: 11/17/2009 09:25:59
by Ken Ivanov (EldoS Corp.)

And is the issue reproducible with some particular command set? In other words, does the sequence of commands that once has caused the disconnect lead to the same disconnect on subsequent attempt?
#11708
Posted: 11/17/2009 09:31:40
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

There is no certain command set. It just happens when the application is running and in many areas of the app.
We are trying to figure out if the network layer assited in the FIN signal from the server to disconnect the client.
We had a situation where one of our clients had a certain firewall and had this issue, but when they switched the firewall day before yesterday, and the issue disappeared on that certain client.
#12461
Posted: 02/17/2010 08:51:08
by Sandeep Mohan (Standard support level)
Joined: 02/25/2009
Posts: 46

The problem was with the sshd configuration on the server. I used the following parameters and that resolved the issue.

TCPKeepAlive no
ClientAliveInterval 300
ClientAliveCountMax 48

Just in case somebody experiences the same. the man pages on sshd_config can give more information on the above parameters.
Also by EldoS: Rethync
The cross-platform framework that simplifies synchronizing data between mobile and desktop applications and servers and cloud storages

Reply

Statistics

Topic viewed 2168 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!