[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: (open) sshd timeout



Found this at: http://www.unix.org.ua/orelly/networking_2ndEd/ssh/ch05_04.htm

5.4.3.3. Idle connections
Suppose an SSH connection is established between a server and a
client, but no data passes over the connection for a long time. What
should the server do: keep the connection alive, or terminate it?

SSH1 provides the IdleTimeout keyword, which tells the server what to
do if a connection is idle, i.e., if the user doesn't transmit any
data in a given period. If IdleTimeout is zero (the default), the
server does nothing, leaving idle connections intact:

# SSH1 only
IdleTimeout 0
Otherwise, the server terminates the connection after a specified
interval of idleness. In this case, the value of IdleTimeout is a
positive integer, optionally followed by letter: s for seconds, m for
minutes, h for hours, d for days, or w for weeks. If no letter is
given, the number represents seconds.

Here are several ways to set an IdleTimeout of exactly one day:

# SSH1 only
IdleTimeout 1d
IdleTimeout 24h
IdleTimeout 1440m
IdleTimeout 86400s
IdleTimeout 86400
The idle timeout can also be set for a given key in a user's
authorized_keys file using the idle-timeout option. [Section 8.2.7,
"Setting Idle Timeout "] Notably, this option overrides the server's
IdleTimeout value but only for that key. This is a rare instance of a
per-account option overriding a serverwide option.

Not sure if that will do the trick for you or not.  I'm interested in
this answer myself as I am running openssh on a PC and never gave
thought to this issue.  But then again I'm the only (authorized) user
of that machine so haven't had to worry about it for most part.

Thanks,

Jacques

On 3/19/06, Gaspar Bakos <gbakos cfa harvard edu> wrote:
> Hi, folks,
>
> I am trying to set up sshd under FC3 and FC4 in such a way that idle
> logins are terminated after T(=1hour, for example) timeout.
> I did some googling on the issue that lead to confusion...
>
> At some place the
>  IdleTimeout 1h
> was suggested (in sshd_config),
> but this openssh we have does not recognize such an option.
>
> If you know the solution, let me know.
>
> rpm -q openssh
> openssh-4.2p1-fc4.1
>
> Cheers
> Gaspar
>
> --
> fedora-list mailing list
> fedora-list redhat com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]