RE: ClientAliveInterval not working?
From: Joe Terwilliger (jterwilliger_at_ewess.com)
To: <firstname.lastname@example.org> Date: Tue, 7 Oct 2003 09:20:10 -0400
Yes, that is exactly what we were looking for. Thanks for the help.
From: Darren Tucker [mailto:email@example.com]
Sent: Monday, October 06, 2003 7:54 PM
To: Joe Terwilliger
Subject: Re: ClientAliveInterval not working?
Joe Terwilliger wrote:
> We are trying to control inactivity timeout on sshd using the
> ClientAliveInterval and ClientAliveCountMax sshd_config settings but it
> doesnt seem to be having any affect on timing out and disconnecting
> inactive/idle clients. I have tried using standard numeric arguments and
> numeric arguments followed by a character modifier (s, m, h, etc) with no
> effect. Clients are still staying connected regardless of the
> ClientAliveInterval setting and what client I am using to connect - I have
> tried PuTTY and the standards ssh clients to connect, both with keepalive
> settings turned off. Are there issues with this feature in openSSH or
> something I am missing in the documentation?
What do you mean by "inactive/idle"? The ClientAlive* options control
inactivity from a protocol standpoint, not from a
not-typing-anything-at-the-shell standpoint. This is useful for cleaning
up sessions where the client has become disconnected/crashed/changed IP.
As long as the client responds to a protocol no-op message, it's
considered active. This will be invisible to the user (but if you connect
with "ssh -v" you'll see them happening, and if you disconnect the network
cable you'll see the session disconnected).
You probably want something like the TMOUT feature of some shells. There
are also some third-party patches that do the same thing in sshd, eg the
patch referred to in . I haven't used any of those.
-- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.