In message <200410251920.i9PJKZoJ022707@herd.plethora.net>, Peter Seebach write
s:
>In message <20041025191757.GA1367@antioche.eu.org>, Manuel Bouyer writes:
>>On Mon, Oct 25, 2004 at 01:30:29PM -0500, Peter Seebach wrote:
>>> In message <20041025181938.GB705@antioche.eu.org>, Manuel Bouyer writes:
>>> >Do you have keepalive turned on, and at which rate ?
>>> >This could be a difference in setup on the client side.
>>> 
>>> net.inet.tcp.keepidle = 14400
>>> net.inet.tcp.keepintvl = 150
>>> net.inet.tcp.keepcnt = 8
>>> 
>>> Maybe I should change these?
>>
>>Maybe decrease keepintvl (and increase keepcnt).
>>But first, check KeepAlive in ssh_config and sshd_config
>
>sshd_config didn't have it set - but the sshd side is working fine with
>my friend's laptop.
>
>Interestingly, the default is "yes".  And it's not turned off.  So it
>should be keeping the connection alive, and noticing problems.  But it
>doesn't; it just hangs.
>

It really sounds a lot like a NAT or firewall dropping state.  It all 
depends on that box's timer -- my home NAT has a long-enough timeout 
that I have no trouble; at my office, I have to run a sleep/echo script 
to keep the connection alive.  And a hang is exactly what I see if the 
connection times out on the firewall -- or rather, it appears to be a 
hang, but it would turn into a "connection timed out" if I wait long 
enough.

		--Steve Bellovin, http://www.research.att.com/~smb