Anand Buddhdev wrote: > 3. ProxyCommand ssh -W [%h]:%p proxyhost > 4. ProxyJump proxyhost .. > Methods #3 and #4 are essentially the same, and have the main advantage > of not requiring any extra utilities on the proxy server. But they have > one disadvantage that I've not been able to solve. They don't offer me > any way to control the TCP timeout, and so I get the OS default, which > is too long. .. > So my question is: is there any way I can influence the timeout that > sshd on the proxy uses for making the TCP connection to the target when > using methods #3, #4 or #5? #3 and #4 open a "direct-tcpip" channel within the SSH session. The open message doesn't support specifying a timeout, or any way to extend it with more/new parameters. You would have to extend the SSH protocol upstream and waiting for the extension to be supported by all your proxy hosts. Alterantively, if you control all proxy hosts and all clients then you can hack something. \o/ Maybe a variant of the "direct-tcpip" channel open message that takes an extra uint32 timeout, or you could steal a few bits from uint32 initial window size or uint32 maximum packet size to encode your desired timeout. (See RFC 4254 for full details of the channel open message.) //Peter _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
