Re: SSH timeout settings

From: Dan Pelleg (daniel+bsd@pelleg.org)
Date: 06/22/02

• Next message: Lyndon Nerenberg: "Re: Possible security liability: Filling disks with junk or spam"
• Previous message: Krzysztof Zaraska: "Apache FreeBSD exploit released"
• In reply to: Lawrence Sica: "Re: SSH timeout settings"
• Next in thread: Noah K Sematimba: "Re: SSH timeout settings"
• Reply: Noah K Sematimba: "Re: SSH timeout settings"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Lawrence Sica <lomifeh@earthlink.net>
From: Dan Pelleg <daniel+bsd@pelleg.org>
Date: 22 Jun 2002 07:33:37 -0400

Lawrence Sica <lomifeh@earthlink.net> writes:

> twig les wrote:
> > Hey all, I think this is an easy one masquerading as a
> > tough one.... My OpenSSH on my Free 4.4 Release box
> > just lets me keep an open session indefinitely without
> > any activity. I've read man sshd and all sorts of
> > other things but no mention.
> > So the short version is: where do I lower the timeout
>
> > of SSH?
> >
>
>
>
> If you are using login with ssh, then you can modify login.conf:
>
> from man 5 login.conf
>
> idletime time Maximum idle time before logout.
>
>
> Read the manpage for more info and don't forget to run cap_mkdb if you
> change login.conf.
>

 Does this actually work for you? There have been reports by different
people that this is a no-op. A very old PR (conf/9874) suggests it was
never implemented and should be removed from the manpage.

 The are at least two ports (blimitd and idled) that claim to enforce this
limit - I've tried neither.

-- 
  Dan Pelleg
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Lyndon Nerenberg: "Re: Possible security liability: Filling disks with junk or spam"
• Previous message: Krzysztof Zaraska: "Apache FreeBSD exploit released"
• In reply to: Lawrence Sica: "Re: SSH timeout settings"
• Next in thread: Noah K Sematimba: "Re: SSH timeout settings"
• Reply: Noah K Sematimba: "Re: SSH timeout settings"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ssh forwarding environment variables ... no mention of it in the sshd_config manpage ... ... the remote system being machine B, the one running sshd, the one into ... > environment in the remote session, but I don't think that's how it ... every ssh connection into it ... ... (Debian-User) Re: ssh forwarding environment variables ... when i connect via ssh. ... >> relevant on the sshd manpage, so i don't think i need to do anything ... >> to the sshd config on machine B. ... (Debian-User) Re: SSH attack ... Alvin Oga wrote: ... I meant sending the email alert as described in the manpage. ... Still it seems better to start ssh from inetd for security reasons. ... (Debian-User) Linux Network Cluster/Load Balancing ... Hey everyone. ... I've got about a dozen computers ... I want to have a single login point so that you just ssh to ... this isolated network. ... (comp.os.linux.networking) Re: SSH attack ... On Mon, 10 Oct 2005, Marty wrote: ... > I'm not sure that will work with the manpage example I gave. ... sshd is NOT listed in inetd.conf or xinetd.conf ... grep whatever you like from the gazillion log files for ssh this and ssh ... (Debian-User)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint