Date: Fri, 3 May 2013 17:23:05 +0200 From: Fleuriot Damien <ml@my.gd> To: Arthur Chance <freebsd@qeng-ho.org> Cc: FreeBSD questions <freebsd-questions@freebsd.org> Subject: Re: sshd - time out idle connections Message-ID: <7A4DFB0E-05E5-4147-B9D4-E797458D30F8@my.gd> In-Reply-To: <5183D4B7.9050204@qeng-ho.org> References: <1698EAB7-4B40-466D-98CB-782E9E494578@my.gd> <5183D4B7.9050204@qeng-ho.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On May 3, 2013, at 5:16 PM, Arthur Chance <freebsd@qeng-ho.org> wrote: > On 05/03/13 15:28, Fleuriot Damien wrote: >> Hello list, >>=20 >>=20 >>=20 >> I'm facing this unusual demand at work where we need to time out idle = SSH connections for security purposes. >>=20 >> I've checked the following options from sshd_config but none seems to = fit my needs : >> TCPKeepAlive >> ClientAliveCountMax >> ClientAliveInterval >>=20 >>=20 >> Basically, I'm trying to defeat the use of the following client-side = option: >> ServerAliveInterval 5 >>=20 >>=20 >> I'm afraid all I've hit now is dead ends. >>=20 >>=20 >> Has anyone ever had the same requirements before and, perhaps, found = a solution to this ? >=20 > There's an idletime parameter in login.conf which will log out idle = users. Normally sshd bypasses login, but the sshd config parameter = UseLogin can change that, although it disables X11Forwarding. >=20 > Note: this is all from a quick perusal of the source and manuals, I've = not done it myself. >=20 > --=20 > In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a > new race of servants. Called Uruk-Oh-Hai in the Black Speech, they > were cruel and delighted in torturing spelling and grammar. >=20 > _Lord of the Rings 2.0, the Web Edition_ I've already tried using login.conf 's idle timeout option and was sad = indeed that it didn't apply to SSH connections. It never occured to me that UseLogin might be involved there=85 I'll have a look at it as well, thanks for your help Arthur.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7A4DFB0E-05E5-4147-B9D4-E797458D30F8>