Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Constant SSH connection #387

Closed
kenkendk opened this issue Aug 5, 2014 · 3 comments
Closed

Constant SSH connection #387

kenkendk opened this issue Aug 5, 2014 · 3 comments
Labels
enhancement imported

Comments

@kenkendk
Copy link
Member

kenkendk commented Aug 5, 2014

From drbr...@gmail.com on March 21, 2011 01:23:18

What steps will reproduce the problem? 1. Startup Shorewall (Firewall)
2. Start Initial backup (13 GB)
3. Program Stops due to connection timed out. What is the expected output? What do you see instead? Continued uploading. What version of the product are you using? On what operating system? 1.2 beta 2 64bit on Win 7 64 bit What backend (destination) are you using? SSH (SFTP) Please provide any additional information below. I have a connection request time limit set on my server's firewall that only allows 5 SSH connections opened/closed from the same host within 60 seconds. So if more than 5 connections are tried within 60 seconds, the server blocks the host. Is there anyway that your program can establish the connection, then send the files within the same connection? I have this block setup to prevent brute force attempts from the outside. Thanks!

Original issue: http://code.google.com/p/duplicati/issues/detail?id=387
@kenkendk
Copy link
Member Author

kenkendk commented Aug 5, 2014

From kenneth@hexad.dk on March 21, 2011 04:39:10

No, not currently.

The unmanaged implementation relies on an external program for executing the commands, so it would be fairly difficult to rewrite that part to support a continuous connection.

This can be performed more easily with the default managed implementation, as there is more control of the link that way.

The reason that it does not keep the connection open, is that there may be a large delay between each file upload (busy, pause, etc.) so the connection may time out. By re-opening the connection between each operation, it also ensures that errors do not pile up, so one transfer may affect the outcome of another.

I will try to see if this can be fixed in 2.0, as it can also improve performance a bit.

In the meantime, have you considered something like denyhosts: http://denyhosts.sourceforge.net/ I have used that on my servers for a long time, and it generally catches all brute force attacks.

Status: Accepted
Owner: kenneth@hexad.dk
Labels: -Type-Defect -Priority-Medium Type-Enhancement Priority-Low

@kenkendk
Copy link
Member Author

kenkendk commented Aug 5, 2014

From drbr...@gmail.com on March 21, 2011 08:14:45

Alright! That is good to know! Thanks for the tip on DenyHosts. It looks very good!

@kenkendk
Copy link
Member Author

kenkendk commented Aug 5, 2014

From kenneth@hexad.dk on September 24, 2011 04:41:41

This is now fixed in trunk a new preview release will be up shortly.

Status: Fixed

@kenkendk kenkendk closed this as completed Aug 5, 2014
@kenkendk kenkendk mentioned this issue Aug 5, 2014
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement imported
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@kenkendk