ssh: add support for ServerAliveCountMax

PR #1299
Damien Cassou 2020-06-01 16:50:34 +02:00 committed by Robert Helgesson
parent dd50dc4c13
commit a21c97d011
No known key found for this signature in database
GPG key ID: 36BDAA14C2797E89
6 changed files with 42 additions and 1 deletions


@ -1527,6 +1527,21 @@ in
A new module is available: 'programs.zoxide' A new module is available: 'programs.zoxide'
''; '';
} }
{
time = "2020-06-03T17:46:11+00:00";
condition = config.programs.ssh.enable;
message = ''
The ssh module now supports the 'ServerAliveCountMax' option
both globally through
programs.ssh.serverAliveCountMax
and per match blocks
programs.ssh.matchBlocks.<name>.serverAliveCountMax
'';
}
]; ];
}; };
} }


@ -143,6 +143,15 @@ let
"Set timeout in seconds after which response will be requested."; "Set timeout in seconds after which response will be requested.";
}; };
serverAliveCountMax = mkOption {
type = types.ints.positive;
default = 3;
description = ''
Sets the number of server alive messages which may be sent
without SSH receiving any messages back from the server.
'';
};
sendEnv = mkOption { sendEnv = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = []; default = [];
@ -281,7 +290,9 @@ let
++ optional (cf.addressFamily != null) " AddressFamily ${cf.addressFamily}" ++ optional (cf.addressFamily != null) " AddressFamily ${cf.addressFamily}"
++ optional (cf.sendEnv != []) " SendEnv ${unwords cf.sendEnv}" ++ optional (cf.sendEnv != []) " SendEnv ${unwords cf.sendEnv}"
++ optional (cf.serverAliveInterval != 0) ++ optional (cf.serverAliveInterval != 0)
" ServerAliveInterval ${toString cf.serverAliveInterval}" " ServerAliveInterval ${toString cf.serverAliveInterval}"
++ optional (cf.serverAliveCountMax != 3)
" ServerAliveCountMax ${toString cf.serverAliveCountMax}"
++ optional (cf.compression != null) " Compression ${yn cf.compression}" ++ optional (cf.compression != null) " Compression ${yn cf.compression}"
++ optional (!cf.checkHostIP) " CheckHostIP no" ++ optional (!cf.checkHostIP) " CheckHostIP no"
++ optional (cf.proxyCommand != null) " ProxyCommand ${cf.proxyCommand}" ++ optional (cf.proxyCommand != null) " ProxyCommand ${cf.proxyCommand}"
@ -325,6 +336,15 @@ in
''; '';
}; };
serverAliveCountMax = mkOption {
type = types.ints.positive;
default = 3;
description = ''
Sets the default number of server alive messages which may be
sent without SSH receiving any messages back from the server.
'';
};
hashKnownHosts = mkOption { hashKnownHosts = mkOption {
default = false; default = false;
type = types.bool; type = types.bool;
@ -459,6 +479,7 @@ in
ForwardAgent ${yn cfg.forwardAgent} ForwardAgent ${yn cfg.forwardAgent}
Compression ${yn cfg.compression} Compression ${yn cfg.compression}
ServerAliveInterval ${toString cfg.serverAliveInterval} ServerAliveInterval ${toString cfg.serverAliveInterval}
ServerAliveCountMax ${toString cfg.serverAliveCountMax}
HashKnownHosts ${yn cfg.hashKnownHosts} HashKnownHosts ${yn cfg.hashKnownHosts}
UserKnownHostsFile ${cfg.userKnownHostsFile} UserKnownHostsFile ${cfg.userKnownHostsFile}
ControlMaster ${cfg.controlMaster} ControlMaster ${cfg.controlMaster}
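Review bot: In the match-block hunk, `optional (cf.serverAliveCountMax != 3)` compares against a literal that duplicates the option default, so a match block that explicitly sets 3 emits no line at all. The expected test output on this page shows `Host *` written after the named hosts, and ssh uses the first value it obtains for each parameter, so such a host would silently inherit a non-default `programs.ssh.serverAliveCountMax` instead of 3. Consider declaring the per-block option as `type = types.nullOr types.ints.positive; default = null;` and emitting on `cf.serverAliveCountMax != null`. Both descriptions could also state that the value only takes effect when `serverAliveInterval` is non-zero, since the two together bound how long an unresponsive session is kept open. The `let` and `in` bodies these hunks touch start and end outside the visible lines.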


@ -6,6 +6,7 @@ Host *
ForwardAgent no ForwardAgent no
Compression no Compression no
ServerAliveInterval 0 ServerAliveInterval 0
ServerAliveCountMax 3
HashKnownHosts no HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no ControlMaster no


@ -10,6 +10,7 @@ Host *
ForwardAgent no ForwardAgent no
Compression no Compression no
ServerAliveInterval 0 ServerAliveInterval 0
ServerAliveCountMax 3
HashKnownHosts no HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no ControlMaster no


@ -10,6 +10,7 @@ Host abc
Host xyz Host xyz
ServerAliveInterval 60 ServerAliveInterval 60
ServerAliveCountMax 10
IdentityFile file IdentityFile file
LocalForward [localhost]:8080 [10.0.0.1]:80 LocalForward [localhost]:8080 [10.0.0.1]:80
RemoteForward [localhost]:8081 [10.0.0.2]:80 RemoteForward [localhost]:8081 [10.0.0.2]:80
@ -23,6 +24,7 @@ Host *
ForwardAgent no ForwardAgent no
Compression no Compression no
ServerAliveInterval 0 ServerAliveInterval 0
ServerAliveCountMax 3
HashKnownHosts no HashKnownHosts no
UserKnownHostsFile ~/.ssh/known_hosts UserKnownHostsFile ~/.ssh/known_hosts
ControlMaster no ControlMaster no


@ -17,6 +17,7 @@ with lib;
xyz = { xyz = {
identityFile = "file"; identityFile = "file";
serverAliveInterval = 60; serverAliveInterval = 60;
serverAliveCountMax = 10;
localForwards = [{ localForwards = [{
bind.port = 8080; bind.port = 8080;
host.address = "10.0.0.1"; host.address = "10.0.0.1";