Print this page
3477 SunSSH config should accept TCPKeepAlive as synonym for KeepAlive
Reviewed by: Jerry Jelinek <jerry@joyent.com>
*** 1,11 ****
'\" te
.\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
.\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
.\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
! .TH SSHD_CONFIG 4 "Mar 26, 2009"
.SH NAME
sshd_config \- sshd configuration file
.SH SYNOPSIS
.LP
.nf
--- 1,12 ----
'\" te
.\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
+ .\" Copyright (c) 2013, Joyent, Inc. All Rights Reserved.
.\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
.\" See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
.\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
! .TH SSHD_CONFIG 4 "Jan 17, 2013"
.SH NAME
sshd_config \- sshd configuration file
.SH SYNOPSIS
.LP
.nf
*** 167,179 ****
.RS 4n
Sets the number of client alive messages, (see \fBClientAliveInterval\fR), that
can be sent without \fBsshd\fR receiving any messages back from the client. If
this threshold is reached while client alive messages are being sent,
\fBsshd\fR disconnects the client, terminating the session. The use of client
! alive messages is very different from \fBKeepAlive\fR. The client alive
messages are sent through the encrypted channel and therefore are not
! spoofable. The TCP keepalive option enabled by \fBKeepAlive\fR is spoofable.
The client alive mechanism is valuable when a client or server depend on
knowing when a connection has become inactive.
.sp
The default value is 3. If \fBClientAliveInterval\fR is set to 15, and
\fBClientAliveCountMax\fR is left at the default, unresponsive \fBssh\fR
--- 168,180 ----
.RS 4n
Sets the number of client alive messages, (see \fBClientAliveInterval\fR), that
can be sent without \fBsshd\fR receiving any messages back from the client. If
this threshold is reached while client alive messages are being sent,
\fBsshd\fR disconnects the client, terminating the session. The use of client
! alive messages is very different from \fBTCPKeepAlive\fR. The client alive
messages are sent through the encrypted channel and therefore are not
! spoofable. The TCP keepalive option enabled by \fBTCPKeepAlive\fR is spoofable.
The client alive mechanism is valuable when a client or server depend on
knowing when a connection has become inactive.
.sp
The default value is 3. If \fBClientAliveInterval\fR is set to 15, and
\fBClientAliveCountMax\fR is left at the default, unresponsive \fBssh\fR
*** 400,410 ****
.RE
.sp
.ne 2
.na
! \fB\fBKeepAlive\fR\fR
.ad
.sp .6
.RS 4n
Specifies whether the system should send keepalive messages to the other side.
If they are sent, death of the connection or crash of one of the machines is
--- 401,411 ----
.RE
.sp
.ne 2
.na
! \fB\fBTCPKeepAlive\fR\fR
.ad
.sp .6
.RS 4n
Specifies whether the system should send keepalive messages to the other side.
If they are sent, death of the connection or crash of one of the machines is