[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: (open) sshd timeout

Found this at: http://www.unix.org.ua/orelly/networking_2ndEd/ssh/ch05_04.htm Idle connections
Suppose an SSH connection is established between a server and a
client, but no data passes over the connection for a long time. What
should the server do: keep the connection alive, or terminate it?

SSH1 provides the IdleTimeout keyword, which tells the server what to
do if a connection is idle, i.e., if the user doesn't transmit any
data in a given period. If IdleTimeout is zero (the default), the
server does nothing, leaving idle connections intact:

# SSH1 only
IdleTimeout 0
Otherwise, the server terminates the connection after a specified
interval of idleness. In this case, the value of IdleTimeout is a
positive integer, optionally followed by letter: s for seconds, m for
minutes, h for hours, d for days, or w for weeks. If no letter is
given, the number represents seconds.

Here are several ways to set an IdleTimeout of exactly one day:

# SSH1 only
IdleTimeout 1d
IdleTimeout 24h
IdleTimeout 1440m
IdleTimeout 86400s
IdleTimeout 86400
The idle timeout can also be set for a given key in a user's
authorized_keys file using the idle-timeout option. [Section 8.2.7,
"Setting Idle Timeout "] Notably, this option overrides the server's
IdleTimeout value but only for that key. This is a rare instance of a
per-account option overriding a serverwide option.

Not sure if that will do the trick for you or not.  I'm interested in
this answer myself as I am running openssh on a PC and never gave
thought to this issue.  But then again I'm the only (authorized) user
of that machine so haven't had to worry about it for most part.



On 3/19/06, Gaspar Bakos <gbakos cfa harvard edu> wrote:
> Hi, folks,
> I am trying to set up sshd under FC3 and FC4 in such a way that idle
> logins are terminated after T(=1hour, for example) timeout.
> I did some googling on the issue that lead to confusion...
> At some place the
>  IdleTimeout 1h
> was suggested (in sshd_config),
> but this openssh we have does not recognize such an option.
> If you know the solution, let me know.
> rpm -q openssh
> openssh-4.2p1-fc4.1
> Cheers
> Gaspar
> --
> fedora-list mailing list
> fedora-list redhat com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]