[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TCP password request timeout

To: TYSON@Warbucks.AI.SRI.COM (Mabry Tyson), jackg%cogsci@ucsd.edu
Subject: Re: TCP password request timeout
From: ESC@STONY-BROOK.SCRC.Symbolics.COM (Eric S. Crawley)
Date: Fri, 30 Mar 90 08:41:00 EST
Cc: Slug@Warbucks.AI.SRI.COM
In-reply-to: <19900330015541.8.TYSON@ELCAPITAN.AI.SRI.COM>

    Date: Thu, 29 Mar 90 17:55 PST
    From: TYSON@Warbucks.AI.SRI.COM (Mabry Tyson)

	Date: Thu, 29 Mar 90 15:48 PST
	From: jackg%cogsci@ucsd.edu (Jack Greenbaum)

	 >Date: Thu, 29 Mar 90 14:54 PST
	 >From: Monty Kosma <kosma%stc-sun@STC.LOCKHEED.COM>
	 >To: slug%alan@STC.LOCKHEED.COM, symbolics%alan@STC.LOCKHEED.COM
	 >Subject: TCP password request timeout
	 >
	 >Anybody know anything about the following?
	 >
	 >I'm using tcp and compiling a bunch of source files which reside on a
	 >remote (unix) machine.  At the beginning of the compile operation, I am
	 >prompted for my password, which I can understand, but then several times
	 >throughout the compiling of the system I am again and again asked for my
	 >password.  It seems as if there is some sort of a timeout or something, as
	 >it doesn't ask each time it gets a new file.  Any idea on how I can change
	 >this behavior?  It would be nice for it to at least wait for a bit longer
	 >before rerequesting the password.
	 >
	 >monty
	 >

	We use (setf fs:*remember-passwords* t).

	-- Jack

    As I recall from trying to track this down in the past, the problem lies in
    the fact that the Symbolics wants to reuse the port on the FTP connection
    but the foreign host hasn't yet finished closing it and so refuses to reuse
    it.  So the Symbolics opens another FTP connection and requires the login
    again.

    Please realize that if you set FS:*REMEMBER-PASSWORDS* to T, then
    someone could walk up to your machine and, in a matter of seconds, get
    all your passwords to all the systems you FTPed to.  No encryption to
    fool with...

Your analysis is mostly correct.  FTP connections are reused whenever
possible.  FTP in 7.2 had a host of timing problems reusing connections mostly
with the connection scavenger.  These would conspire together to use even more
connections as well as blow out from time to time.  All the timing holes I
could find were closed in 8.0 and fewer connections should be used but it is
true that a password will be needed for every new connection made. Compiling
a file requires two connections, one for input and one for output.  Barmar
also points out that the FILE-CONTROL-LIFETIME host attribute can be used to
keep the connections around longer but many servers will close down idle
connections after a set period, making longer file-control-lifetimes useless
(BSD Unix 4.3 defaults to 15 minutes last I checked).  

FS:*REMEMBER-PASSWORDS* can be used to reduce the prompting but the security
implications should be carefully weighed.

References:
- Re: TCP password request timeout
  - From: TYSON@Warbucks.AI.SRI.COM (Mabry Tyson)

Prev by Date: Undoing a presentation deftype ..
Next by Date: RE: SNMP implementation?
Previous by thread: Re: TCP password request timeout
Next by thread: TCP password request timeout
Index(es):
- Date
- Thread