Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 21 Jun 2002 00:22:54 +0200
From:      jeremie le-hen <le-hen_j@epita.fr>
To:        twig les <twigles@yahoo.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: SSH timeout settings
Message-ID:  <20020621002254.B21286@rocco.epita.fr>
In-Reply-To: <20020620214512.42806.qmail@web10101.mail.yahoo.com>; from twigles@yahoo.com on Thu, Jun 20, 2002 at 02:45:12PM -0700
References:  <20020620214512.42806.qmail@web10101.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
> Hey all, I think this is an easy one masquerading as a
> tough one....  My OpenSSH on my Free 4.4 Release box
> just lets me keep an open session indefinitely without
> any activity.  I've read man sshd and all sorts of
> other things but no mention.
> 
> So the short version is: where do I lower the timeout
> of SSH?

These two options from sshd(8) manual page may help you (grabbed from my
4.6-REALSE box -- "sshd version OpenSSH_2.9 FreeBSD localisations 20020307") :

     ClientAliveInterval
             Sets a timeout interval in seconds after which if no data has
             been received from the client, sshd will send a message through
             the encrypted channel to request a response from the client.  The
             default is 0, indicating that these messages will not be sent to
             the client.  This option applies to protocol version 2 only.

     KeepAlive
             Specifies whether the system should send keepalive messages to
             the other side.  If they are sent, death of the connection or
             crash of one of the machines will be properly noticed.  However,
             this means that connections will die if the route is down tem-
             porarily, and some people find it annoying.  On the other hand,
             if keepalives are not sent, sessions may hang indefinitely on the
             server, leaving ``ghost'' users and consuming server resources.

             The default is ``yes'' (to send keepalives), and the server will
             notice if the network goes down or the client host reboots.  This
             avoids infinitely hanging sessions.

             To disable keepalives, the value should be set to ``no'' in both
             the server and the client configuration files.

-- 
Jeremie aka TataZ
le-hen_j@epita.fr

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020621002254.B21286>