ONTAP Hardware

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Hardware

Ask a Question

SSH disconnects after 60mins - unexpectedly closed network connection

GREG_WALKER
‎2011-09-26 05:23 AM
28,375 Views

Hi all,

I've got an issue across all 4 of our v3240 filers (2 HA pairs).  I am connecting to them via ssh, using public key encryption to authenticate to root account without any isue.  I can work with the filers for exactly an hour, before I get booed out of my ssh session with "Server unexpectedly closed network connection".  This happens with both Putty and Kitty ssh clients, and I have disabled all the autologout options i can find, and set all timeouts to over 60mins, but it is still disconnecting me.  It happens regardless of activity within the session, sometimes I am in the middle of entering commands when it kicks me out. 

toaster> options autologout

autologout.console.enable    off        (value might be overwritten in takeover)

autologout.console.timeout   540        (value might be overwritten in takeover)

autologout.telnet.enable     off        (value might be overwritten in takeover)

autologout.telnet.timeout    2880       (value might be overwritten in takeover)

toaster> options ssh

ssh.access                   *

ssh.enable                   on

ssh.idle.timeout             31536000

ssh.passwd_auth.enable       on

ssh.port                     22

ssh.pubkey_auth.enable       on

ssh1.enable                  off

ssh2.enable                  on

0 Kudos
View By:
1 ACCEPTED SOLUTION

RAESIDEPAUL
‎2011-11-16 07:58 AM
28,372 Views

open putty > got to change settings > connection > ssh > kex  change "Max Minutes before rekey (0 for no limit)" to 0 for no limit. I bet yours is set to 60 right now...

View solution in original post

10 REPLIES 10

aborzenkov
‎2011-09-26 05:28 AM
28,310 Views

Do you have any firewall, NAT or similar device in the network path?

0 Kudos

GREG_WALKER
‎2011-09-26 06:04 AM
In response to aborzenkov
28,310 Views

No, there is a WAN link between myself and one pair, but I am in the office next to one datacentre with an affected pair.  There's no firewall configured on my workstation either.  I'm certain it's the filers that are disconnecting me, as I often open up 4 KiTTY sessions to each of the filers one after another.  It takes me a few seconds of clicking to launch each session in turn, and one hour later, I can see the disconnect messages appear with the same few secconds between each session.

0 Kudos

RAESIDEPAUL
‎2011-11-16 07:58 AM
28,373 Views

open putty > got to change settings > connection > ssh > kex  change "Max Minutes before rekey (0 for no limit)" to 0 for no limit. I bet yours is set to 60 right now...

TINKERDUDE1
‎2012-01-13 11:59 PM
In response to RAESIDEPAUL
28,309 Views

I had the exact same problem. Drove me nuts for months. But RAESIDEPAUL got it right (putty ssh/kex timeout config) and all is well now. RAESIDEPAUL should get credit for a correct answer.

TONY_BARNETT
‎2012-09-07 08:46 AM
In response to RAESIDEPAUL
28,310 Views

I made this change in putty and still get disconnected exactly 60 minutes after login.

filer2> options autologout

autologout.console.enable    on         (value might be overwritten in takeover)

autologout.console.timeout   300        (value might be overwritten in takeover)

autologout.telnet.enable     on         (value might be overwritten in takeover)

autologout.telnet.timeout    300        (value might be overwritten in takeover)

filer2> options ssh

ssh.access                   *

ssh.enable                   on

ssh.idle.timeout             0

ssh.passwd_auth.enable       on

ssh.port                     22

ssh.pubkey_auth.enable       on

ssh1.enable                  off

ssh2.enable                  on

0 Kudos

TONY_BARNETT
‎2012-09-13 12:54 PM
In response to TONY_BARNETT
28,309 Views

Disregard.  I made a boo-boo.  This did fix my issue also. 

Thanks!

0 Kudos

NICOLAS_MELAY
‎2013-05-06 08:15 AM
In response to RAESIDEPAUL
28,310 Views

As could be guessed from its name, fiddling with rekey settings is not a good idea security wise.

You should NOT do this.

http://the.earth.li/~sgtatham/putty/0.58/htmldoc/Chapter4.html#config-ssh-kex-rekey

If you change it anyway, do so on a custom saved session, not in the default PuTTY session.

The real fix for this problem lies in NetApp's hands: ONTAP's SSH server needs rekey support.

Edit:

The NetApp bug has actually been accounted for by PuTTY's developper, and there's a workaround.

You just need to enable it in the "bugs" page.

That's much better than totally disabling rekeying.

Have been using it for the last few days, so far so good.

XQ10907RS
‎2014-08-04 02:26 AM
In response to NICOLAS_MELAY
28,310 Views

this workaround works for me,thanks!

0 Kudos

koumoun_nik
‎2015-05-28 10:03 AM
In response to NICOLAS_MELAY
13,672 Views

anks a lot this was the proper answer, it solved my problem as well.

0 Kudos

GVM666GVM
‎2012-10-16 02:29 AM
28,310 Views

RAESIDEPAUL

You are totally right fixed my problem as well!

GREG.WALKER: please mark this thread as solved if it was for you.

0 Kudos
All Community Forums
Public