Weird resumable ssh redir question...

William Stearns wstearns at pobox.com
Mon Aug 19 12:30:25 EDT 2002


Good day, Benjamin, Karl, all,
	(sorry for the late response, hope it might still be useful).

On Sun, 10 Feb 2002, Benjamin Scott wrote:

> On Sun, 10 Feb 2002, Karl J. Runge wrote:
> > So I know I will be using a bunch of local xterms containing remote shells
> > for the bulk of my work.  It will be interesting to see if I can cook up a
> > way to suspend & restore them...

	You can do IP tunneling with Linux.
	The 10 cent tour:
	- You give your laptop a _permanent_ IP address, stolen from a 
remote network.  With permission.  :-)
	- Your connections all use that IP as their source.
	- Another machine on the remote network grabs any packets heading 
to that IP, wraps them up in another packet destined for your dialup 
address, and sends them off.  When they get to your modem, the kernel 
unwraps them and gives the original packet to the application.
	- Outbound packets get tunneled in the same way.

	I've used this quite successfully for the past few months as a way 
to let me keep ssh connections open even when I hang up the phone.

	The setup is a bit annoying; I've written some shell scripts to 
handle the network setup.  They can be found at 
http://www.stearns.org/tunnel/ .  I'd suggest using version 0.2.1.
	When you bring your link up, type:

ssh tunserv /sbin/server_tunnel restart -n wls `/usr/sbin/client_tunnel restart -n wls`

	replace tunserv with the name or IP address of the machine willing 
to tunnel for you, and "wls" with the name of the section in 
/etc/tunnel.conf, present on both client and server.

>   screen(1) provides detachable, transportable terminal emulations, and
> works without X.  Sounds like what you want.

	A good tool, for text based applications.

>   To answer your original question: As you probably know, IP itself is
> stateless.  As long as your IP address does not change, the IP layer will
> not notice if you leave for a year.  In practice, however, things do not
> work as well.  For one, if your gateway is also a connection end-point, any
> applications you have running will barf when the gateway interface goes down
> and the address the socket was bound to disappears.  Additionally, many
> higher-level protocols, including TCP itself, may send "keep-alive" messages
> to make sure the other end is there, and timeout your connection if not.  
> Finally, even fairly "passive" applications like TELNET will timeout if any
> activity occurs on either end while the connection is down.

	You'll want to turn off tcp keepalives, yes.  This can be done 
in the kernel, or in /etc/ssh/sshd_config for just ssh.  You'll also need 
applications that can sit quietly while you're disconnected; I tend to go 
back to a shell prompt when I know I'm going to disconnect.

>   In short, if everything is near-perfect, you *might* be able to recover
> from a very brief lost modem connection.  For "detached sessions", you will
> need something that is explicitly designed to separate any connection state
> from your end.

	I have ssh connections that sit idle for the better part of a day, 
and suspect I could pull off a week or more.  One ssh session to my 
colocated box has been logged in for over a week; I've been typing 
commands on it from 10 or more dial up addresses.
	One nice feature; my ISP blocks outbound port 25 SMTP connections, 
but I can get around that with this tunneling scheme.  :-)
	Cheers,
	- Bill

---------------------------------------------------------------------------
        "I disapprove of what you say, but I will defend your right to
say it with all my might."
(Courtesy of Patrick Mauritz <oxygene at studentenbude.ath.cx>)
--------------------------------------------------------------------------
William Stearns (wstearns at pobox.com).  Mason, Buildkernel, named2hosts, 
and ipfwadm2ipchains are at:                        http://www.stearns.org
--------------------------------------------------------------------------
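
An added example, not part of the original message or of the stearns.org scripts: a shell check of whether an sshd_config still has server-side liveness probing enabled, which is what the keepalive advice in the message turns off. The directive names are OpenSSH's (TCPKeepAlive, formerly spelled KeepAlive, and ClientAliveInterval); the function names and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# effective_value FILE KEYWORDS DEFAULT
# KEYWORDS is a |-separated list of spellings. sshd keeps the first value it
# reads for a keyword, keywords are case-insensitive, and global settings
# end at the first Match block.
effective_value() {
    awk -v want="$2" -v def="$3" '
        { sub(/=/, " ") }                       # accept "Keyword=value" too
        /^[ \t]*#/ || NF == 0 { next }          # skip comments and blank lines
        tolower($1) == "match" { exit }         # global section only
        tolower($1) ~ ("^(" want ")$") { print tolower($2); found = 1; exit }
        END { if (!found) print def }           # fall back to the sshd default
    ' "$1"
}

# session_probing FILE
# Prints which server-side probes are active. Returns 0 when none are,
# i.e. the server will not go looking for a client that has gone quiet.
session_probing() {
    tcpka=$(effective_value "$1" 'tcpkeepalive|keepalive' yes)
    interval=$(effective_value "$1" 'clientaliveinterval' 0)
    status=0
    if [ "$tcpka" != "no" ]; then
        echo "TCPKeepAlive=$tcpka: kernel keepalive probes can end the session"
        status=1
    fi
    if [ "$interval" != "0" ]; then
        echo "ClientAliveInterval=$interval: sshd probes the client itself"
        status=1
    fi
    [ "$status" -eq 0 ] && echo "no server-side probing: idle sessions persist"
    return "$status"
}

# Constructed sample configs (not taken from the original post).
demo_dir=$(mktemp -d)
printf '%s\n' '# defaults left alone' 'Port 22' > "$demo_dir/default.conf"
printf '%s\n' 'KeepAlive no' 'ClientAliveInterval 0' \
    'Match User bob' 'ClientAliveInterval 30' > "$demo_dir/quiet.conf"
for f in "$demo_dir"/*.conf; do
    echo "== $f"; session_probing "$f" || true
done
```

With both probes off, an idle session whose client has vanished stays logged in on the server until it is closed explicitly, so this setting is worth pairing with a review of who is still attached.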



