TSH connection resume attempt interferes with network changes that sever connectivity to the cluster

[programmerq]

Expected Behavior:

When intentionally disconnecting from a VPN, any ssh or tsh ssh sessions that depend on that VPN should exit when the connection is gone/unavailable. This is the behavior of tsh ssh from before connection resumption.

If tsh cannot automatically reconnect, it should be interruptible via standard methods such as Ctrl+C to allow users to manually handle the session termination.

Current Behavior:

tsh hangs indefinitely when a VPN disconnects.

Ctrl+C does not work to terminate the hung session.

The SSH escape sequence (<enter>~.) is respected, but far too many users don't know this. As a result, this increases support load on the Teleport administrators.

Bug Details:

• Teleport version: Issue persists in versions v15.3.7, v16.4.2, and likely others.

• Recreation Steps:

  1. Connect to a Teleport Cluster that is only accessible via a VPN. (was reported with an OpenVPN client on both mac and windows)
  2. SSH to a server using tsh through a VPN connection.
  3. Disconnect from the VPN.
  4. Observe that tsh hangs and fails to reconnect when VPN is restored.
  5. Attempt to use Ctrl+C or SSH escape sequence to disconnect.

• Debug Logs:

  ERROR: failed to receive from source: error reading from server: read tcp 10.252.78.88:59559->10.117.66.29:443: read: operation timed out
  

This issue has been reported on both macOS and Windows operating systems with OpenVPN clients, using tsh versions within the 15.x and 16.x series. Reproducing this in a controlled environment can aid in identifying the root cause and potential fixes.