Limits of SSH multiplexing
The sshd
daemon on the server is limiting the number of sessions per network connection. This is controlled by MaxSessions
option in /etc/ssh/sshd_config
. Also the MaxStartups
option may need to be increased if you use a large number of sessions. (See man sshd_config
for more details.) The option to modify MaxSessions
limit has been introduced in OpenSSH 5.1 and it looks that the number was previously hard-fixed at 10. If you exceed MaxSessions
on the server, you'll see sshd[####]: error: no more sessions
in the server's log.
I ran into this issue on a server with an earlier version of OpenSSH. I control the server, and I solved the problem by creating two CNAMEs in my named configuration:
realhost.myexample.com. IN A XXX.XXX.XXX.XXX
realhost2.myexample.com. IN CNAME realhost.myexample.com.
realhost3.myexample.com. IN CNAME realhost.myexample.com.
Then, in my local ssh client config:
ControlMaster auto
ControlPath ~/.ssh/%r_%p_%h
host realhost
hostname realhost.myexample.com
host realhost2
hostname realhost2.myexample.com
host realhost3
hostname realhost3.myexample.com
The ControlPath statement is so the control socket names don't step on each other.
That's it, but to make it easy to manage, I wrote a wrapper script for 'ssh' on the client side. It understands that there are 'groups' of hosts (in this case realhost, realhost1, realhost2 comprise one group). When issuing 'sshwrapper realhost', if there are no open channels, all three are opened, and one session is begun. Next time it's run, it counts open connections per channel, and opens the new session in the channel with the fewest connections.
With one real, and two 'fake' hosts, I can connect 30 times before receiving an error. Logging in is extremely fast, except the initial time takes a second or two, as all three control channels are opened at that time.