From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114

Description of problem:
I'm unlucky enough to be working behind a Cisco PIX firewall, and every time an ssh connection is idle for a certain amount of time that PIX firewall tears down the connection. Not only is my session killed, but it leaves a hanging sshd on the remote machine (that eventually does time out, but it's still an annoyance).

I patched OpenSSH to use the watchdog patch on my client box and set the Heartbeat rate to one per minute. Now the PIX does not kill my connections. I even still have them in the morning when returning to work. Life is good now :)

The patch is very well done. The client (ssh) sends a SSH_MSG_IGNORE message every "Heartbeat" seconds and, per the SSH standard, all ssh (sshd) servers must accept and ignore those messages, so no changes are needed in ssh servers for this feature. The OpenSSH already shipping from Red Hat handles the SSH_MSG_IGNORE messages correctly.

The patch also has a second feature (hence the name) and that's a watchdog feature for the server. Its function is to detect when clients have gone away and terminate the connection (and the sshd child process that had it).

New config directives are:

In /etc/ssh/ssh_config:
Heartbeat N

and in /etc/ssh/sshd_config:
Watchdog N

N = seconds. If 0 the feature is disabled.

The patch can be found here:
http://www.sc.isc.tohoku.ac.jp/~hgot/sources/openssh-watchdog.html

And I suggest it be included in everything from Fedora Core to the Advanced server. It can be shipped with the new directives defaulting to 0 so no change is apparent in functionality unless the user chooses to activate them.

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
Not a bug, nothing to reproduce.

Additional info:
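The heartbeat message described in the report above, shown as an added example that is not part of the original report or of the watchdog patch: it frames an SSH_MSG_IGNORE payload in the SSH-2 binary packet layout of RFC 4253 and shows a receiver validating and silently dropping it. The function names are hypothetical, and the framing is the plaintext form only; in a real session the packet is encrypted and carries a MAC after key exchange.

```python
import os
import struct

SSH_MSG_IGNORE = 2   # SSH-2 message number, RFC 4253 section 11.2
BLOCK = 8            # framing granularity when no cipher is active (assumption)


def build_ignore_packet(data: bytes = b"") -> bytes:
    """Frame an SSH_MSG_IGNORE payload as a plaintext RFC 4253 binary packet."""
    payload = bytes([SSH_MSG_IGNORE]) + struct.pack(">I", len(data)) + data
    # length field (4) + padding_length (1) + payload + padding must be a
    # multiple of BLOCK, and the padding must be at least 4 bytes long.
    pad = BLOCK - (5 + len(payload)) % BLOCK
    if pad < 4:
        pad += BLOCK
    body = bytes([pad]) + payload + os.urandom(pad)
    return struct.pack(">I", len(body)) + body


def parse_packet(packet: bytes):
    """Return (message_number, message_body); raise ValueError on bad framing."""
    if len(packet) < 16 or len(packet) % BLOCK:
        raise ValueError("packet size is not a valid multiple of the block size")
    (length,) = struct.unpack(">I", packet[:4])
    pad = packet[4]
    if length != len(packet) - 4 or pad < 4 or pad > length - 2:
        raise ValueError("inconsistent length or padding fields")
    payload = packet[5:4 + length - pad]
    return payload[0], payload[1:]


def receive(packet: bytes):
    """Receiver side: drop SSH_MSG_IGNORE, hand anything else to the caller."""
    msg, body = parse_packet(packet)
    if msg == SSH_MSG_IGNORE:
        if len(body) < 4 or struct.unpack(">I", body[:4])[0] != len(body) - 4:
            raise ValueError("malformed SSH_MSG_IGNORE string")
        return None   # ignored: no reply, no state change on the server
    return msg, body


if __name__ == "__main__":
    pkt = build_ignore_packet()            # empty data, as a keepalive would send
    print(len(pkt), "bytes on the wire ->", receive(pkt))
```

Because the receiver sends nothing back, the message only keeps the firewall's idle timer from expiring; it gives the client no evidence that the server is still alive.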
I documented the Watchdog config directives incorrectly. It's: Watchdogtimeout N (or Watchdogtimeout1 N if you only want to affect the SSH1 protocol)
Internal RFE bug #112191 entered - will be considered for future releases.
Please follow up on this request with the original package maintainer for OpenSSH. If it is not changed upstream, it will not be something we can include in RHEL.