From owner-freebsd-questions@FreeBSD.ORG Fri May 3 15:03:05 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 795826EE for ; Fri, 3 May 2013 15:03:05 +0000 (UTC) (envelope-from markham_breitbach@ssimicro.com) Received: from mail.ssimicro.com (mail.ssimicro.com [64.247.129.10]) by mx1.freebsd.org (Postfix) with ESMTP id 14FBF1676 for ; Fri, 3 May 2013 15:03:04 +0000 (UTC) Received: from markham.ssimicro.com (markham.ssimicro.com [64.247.130.99]) by mail.ssimicro.com (8.14.4/8.14.5) with ESMTP id r43EpXYT053743 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NOT) for ; Fri, 3 May 2013 08:51:34 -0600 (MDT) Message-ID: <5183CEF5.1070604@ssimicro.com> Date: Fri, 03 May 2013 08:51:33 -0600 From: markham breitbach User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:17.0) Gecko/20130328 Thunderbird/17.0.5 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: sshd - time out idle connections References: <1698EAB7-4B40-466D-98CB-782E9E494578@my.gd> In-Reply-To: <1698EAB7-4B40-466D-98CB-782E9E494578@my.gd> X-Enigmail-Version: 1.5.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 May 2013 15:03:05 -0000 Depending on the shell you are using, you may be able to set that to auto-logout, or you could set a cron job to run every 5 minutes and terminate tty's with > 5min idle time. Honestly though, you will rarely find a good technical solution to a social problem--there's always a work-around--and this is a social problem. If there is a company security policy stating that ssh sessions are not to be left idling > 5 min, then make sure everyone is aware of this policy and start handing out pink slips to people that violate it. -M On 13-05-03 8:28 AM, Fleuriot Damien wrote: > Hello list, > > > > I'm facing this unusual demand at work where we need to time out idle SSH connections for security purposes. > > I've checked the following options from sshd_config but none seems to fit my needs : > TCPKeepAlive > ClientAliveCountMax > ClientAliveInterval > > > Basically, I'm trying to defeat the use of the following client-side option: > ServerAliveInterval 5 > > > I'm afraid all I've hit now is dead ends. > > > Has anyone ever had the same requirements before and, perhaps, found a solution to this ? > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"