Date: Fri, 3 May 2013 17:05:38 +0200 From: Fleuriot Damien <ml@my.gd> To: markham breitbach <markham_breitbach@ssimicro.com> Cc: freebsd-questions@freebsd.org Subject: Re: sshd - time out idle connections Message-ID: <13EF2CCE-397D-4456-A553-B331D9314C26@my.gd> In-Reply-To: <5183CEF5.1070604@ssimicro.com> References: <1698EAB7-4B40-466D-98CB-782E9E494578@my.gd> <5183CEF5.1070604@ssimicro.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks for your response Markham, I'm afraid labor law is much too protective here for us to be able to = "educate" users in this way ;) Your idea to run a cron job every X minutes has merit though, I'll try = and check into that ! On May 3, 2013, at 4:51 PM, markham breitbach = <markham_breitbach@ssimicro.com> wrote: > Depending on the shell you are using, you may be able to set that to = auto-logout, or you > could set a cron job to run every 5 minutes and terminate tty's with > = 5min idle time. >=20 > Honestly though, you will rarely find a good technical solution to a = social > problem--there's always a work-around--and this is a social problem. = If there is a > company security policy stating that ssh sessions are not to be left = idling > 5 min, then > make sure everyone is aware of this policy and start handing out pink = slips to people that > violate it. >=20 > -M >=20 >=20 > On 13-05-03 8:28 AM, Fleuriot Damien wrote: >> Hello list, >>=20 >>=20 >>=20 >> I'm facing this unusual demand at work where we need to time out idle = SSH connections for security purposes. >>=20 >> I've checked the following options from sshd_config but none seems to = fit my needs : >> TCPKeepAlive >> ClientAliveCountMax >> ClientAliveInterval >>=20 >>=20 >> Basically, I'm trying to defeat the use of the following client-side = option: >> ServerAliveInterval 5 >>=20 >>=20 >> I'm afraid all I've hit now is dead ends. >>=20 >>=20 >> Has anyone ever had the same requirements before and, perhaps, found = a solution to this ? >>=20 >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org" >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13EF2CCE-397D-4456-A553-B331D9314C26>