how to set the idle-timeout in linux SSH
Alexander Apprich
a.apprich at science-computing.de
Tue May 31 09:47:04 UTC 2005
Hey,
M E Fieu wrote:
> Hi.. I found that one of linux server SSH login
> timeout is very fast. How do I check the current
> timeout setting and change it. I found the info is
> not in sshd_config
>
from "man sshd_config"
ClientAliveInterval
Sets a timeout interval in seconds after which if no data has been
received from the client, sshd will send a message through the
encrypted channel to request a response from the client. The default
is 0, indicating that these messages will not be sent to the
client. This option applies to protocol version 2 only.
ClientAliveCountMax
Sets the number of client alive messages (see above) which may be
sent without sshd receiving any messages back from the client.
If this threshold is reached while client alive messages are being
sent, sshd will disconnect the client, terminating the session.
It is important to note that the use of client alive messages is very
different from TCPKeepAlive (below). The client alive mes-
sages are sent through the encrypted channel and therefore will not
be spoofable. The TCP keepalive option enabled by TCPKeepAlive
is spoofable. The client alive mechanism is valuable when the client
or server depend on knowing when a connection has become
inactive.
The default value is 3. If ClientAliveInterval (above) is set to 15,
and ClientAliveCountMax is left at the default, unresponsive
ssh clients will be disconnected after approximately 45 seconds.
Set this in your sshd_config and restart opensshd
Hth
Alex
More information about the fedora-list
mailing list