From 05144cbebf6aef61ec21c67e6ccf6b46540ca5a2 Mon Sep 17 00:00:00 2001 From: Dominic Reich Date: Sun, 6 Oct 2024 20:33:08 +0200 Subject: [PATCH] add and publish new post about the conservative firewall setting to not break ssh connections --- .../OpenSSH_logo.thumb.jpg | 3 ++ .../2024/70-stalled-ssh-connections/index.md | 32 +++++++++++++++++++ 2 files changed, 35 insertions(+) create mode 100644 content/posts/2024/70-stalled-ssh-connections/OpenSSH_logo.thumb.jpg create mode 100644 content/posts/2024/70-stalled-ssh-connections/index.md diff --git a/content/posts/2024/70-stalled-ssh-connections/OpenSSH_logo.thumb.jpg b/content/posts/2024/70-stalled-ssh-connections/OpenSSH_logo.thumb.jpg new file mode 100644 index 0000000..5974003 --- /dev/null +++ b/content/posts/2024/70-stalled-ssh-connections/OpenSSH_logo.thumb.jpg @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4132f77750b23fc428e91e317dbe7b7295577e7bce6f69d25bb0450fdb8649b7 +size 19787 diff --git a/content/posts/2024/70-stalled-ssh-connections/index.md b/content/posts/2024/70-stalled-ssh-connections/index.md new file mode 100644 index 0000000..6a780cb --- /dev/null +++ b/content/posts/2024/70-stalled-ssh-connections/index.md 
@@ -0,0 +1,32 @@ +--- +title: Stalled SSH connections +summary: > + My firewall removed valid connections obviosly. + This is how I solved it. +date: 2024-10-06T19:30:17+02:00 +# lastmod: 2024-08-18T14:20:52+0000 +categories: + - computerstuff +tags: + - networking + - pfSense + - openssh + - selfhost +--- + +I spent some time adjusting my SSH configuration because I often get stalled +connections to my servers but I never got that fixed until recently, when I +started looking in my firewall settings on the pfSense. + +After changing the Firewall Optimization Settings within +SystemAdvancedFirewall & NAT to +Conservative I had no more of these hangs of my SSH sessions. + +I use the `ControlMaster` setting in my SSH configuration so the stalled +connections have to be killed with something like + +```console +$ ssh -O exit {short hostname} +``` + +every time -- which is annoying.
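Review bot: The front-matter `summary` in index.md misspells "obviously" as "obviosly", and since this text is published as the post's teaser it should be fixed before merge. In the body, the menu path reads "SystemAdvancedFirewall & NAT" with no separators between the menu levels as shown here; writing it as "System > Advanced > Firewall & NAT" would make the step followable. The summary says the firewall removed valid connections, but the body only says the hangs stopped after switching Firewall Optimization to Conservative; one sentence on what that setting changes for idle connections would connect the two and tell readers whether the fix applies to their setup. The commented-out `# lastmod: 2024-08-18T14:20:52+0000` line predates the post's `date` and looks like template residue, so it can be dropped.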