IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Timers and Timeouts in the SSH Transport Protocol
Dan Davidson <dan.davidson%commatch.com@localhost> wrote:
> - A TCP/IP connection on port 22 was setup.
> - The server sent the identification string
> "SSH-protoversion-softwareversion" but didn't
> receive such a message/string from the remote side.
>
> Should there be a re-transmission ?
> Should the connection be disconnected after a T timeout
> - What is the timer length ?
There certainly shouldn't be a retransmission! That's what TCP is
for - it will retransmit it _anyway_ until it either gets an ACK
from the client's TCP layer, and if the client fails to see it after
that then no more retransmissions are likely to help.
The server probably should disconnect after a while, because if it
doesn't then a DoS attack becomes possible. I wouldn't have thought
it was necessary to specify that timeout precisely in the protocol
definition, though; it's up to individual server maintainers. If you
find you're getting a lot of hanging connections, reduce the
timeout; if you find a lot of users are complaining that your server
cuts them off before they can send anything, increase it.
--
Simon Tatham "Selfless? I'm so selfless I
<anakin%pobox.com@localhost> don't even know who I am."
Home |
Main Index |
Thread Index |
Old Index