IETF-SSH archive


Re: Timers and Timeouts in the SSH Transport Protocol



Dan Davidson  <dan.davidson%commatch.com@localhost> wrote:
> 	- A TCP/IP connection on port 22 was set up.
> 	- The server sent the identification string
> 		"SSH-protoversion-softwareversion" but didn't
> 		receive such a message/string from the remote side.
> 
> Should there be a re-transmission ? 
> Should the connection be disconnected after a T timeout
> 	- What is the timer length ?

There certainly shouldn't be a retransmission! That's what TCP is
for - it will retransmit it _anyway_ until it gets an ACK
from the client's TCP layer, and if the client fails to see it after
that then no more retransmissions are likely to help.

The server probably should disconnect after a while, because if it
doesn't then a DoS attack becomes possible. I wouldn't have thought
it was necessary to specify that timeout precisely in the protocol
definition, though; it's up to individual server maintainers. If you
find you're getting a lot of hanging connections, reduce the
timeout; if you find a lot of users are complaining that your server
cuts them off before they can send anything, increase it.
-- 
Simon Tatham         "Selfless? I'm so selfless I
<anakin%pobox.com@localhost>    don't even know who I am."
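
Added example, not part of the original message or of any SSH implementation: a server-side read of the client's identification string under a single overall deadline, after which the caller drops the connection. The names `read_client_ident` and `IdentError` and the 10-second default are assumptions made here; the 255-byte cap is the RFC 4253 limit on the identification line.

```python
import socket
import time

IDENT_TIMEOUT = 10.0  # assumed default, in seconds; tune per deployment
MAX_IDENT_LEN = 255   # RFC 4253 limit on the identification line, CR LF included


class IdentError(Exception):
    """The peer did not deliver a usable identification string."""


def read_client_ident(conn, timeout=IDENT_TIMEOUT):
    """Return (ident, leftover) or raise IdentError; the caller then closes conn.

    The deadline covers the whole line. A per-recv timeout alone would let a
    peer hold the connection open indefinitely by sending one byte at a time.
    """
    deadline = time.monotonic() + timeout
    buf = bytearray()
    while b"\n" not in buf:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            raise IdentError("timeout waiting for identification string")
        if len(buf) >= MAX_IDENT_LEN:
            raise IdentError("identification string too long")
        conn.settimeout(remaining)
        try:
            chunk = conn.recv(MAX_IDENT_LEN - len(buf))
        except socket.timeout:
            raise IdentError("timeout waiting for identification string")
        if not chunk:
            raise IdentError("peer closed before sending identification string")
        buf += chunk
    line, _, leftover = bytes(buf).partition(b"\n")
    if not line.startswith(b"SSH-"):
        raise IdentError("not an SSH identification string")
    # Bytes after the newline already belong to the binary packet protocol.
    return line.rstrip(b"\r").decode("ascii", "replace"), leftover


if __name__ == "__main__":
    # Constructed demo: one well-behaved peer, one silent peer.
    srv, cli = socket.socketpair()
    cli.sendall(b"SSH-2.0-ExampleClient_1.0\r\n")
    print(read_client_ident(srv, timeout=1.0))
    srv2, cli2 = socket.socketpair()
    try:
        read_client_ident(srv2, timeout=0.5)
    except IdentError as exc:
        print("dropped:", exc)
```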


