Date: Fri, 03 May 2013 16:16:07 +0100 From: Arthur Chance <freebsd@qeng-ho.org> To: Fleuriot Damien <ml@my.gd> Cc: FreeBSD questions <freebsd-questions@freebsd.org> Subject: Re: sshd - time out idle connections Message-ID: <5183D4B7.9050204@qeng-ho.org> In-Reply-To: <1698EAB7-4B40-466D-98CB-782E9E494578@my.gd> References: <1698EAB7-4B40-466D-98CB-782E9E494578@my.gd>
next in thread | previous in thread | raw e-mail | index | archive | help
On 05/03/13 15:28, Fleuriot Damien wrote: > Hello list, > > > > I'm facing this unusual demand at work where we need to time out idle SSH connections for security purposes. > > I've checked the following options from sshd_config but none seems to fit my needs : > TCPKeepAlive > ClientAliveCountMax > ClientAliveInterval > > > Basically, I'm trying to defeat the use of the following client-side option: > ServerAliveInterval 5 > > > I'm afraid all I've hit now is dead ends. > > > Has anyone ever had the same requirements before and, perhaps, found a solution to this ? There's an idletime parameter in login.conf which will log out idle users. Normally sshd bypasses login, but the sshd config parameter UseLogin can change that, although it disables X11Forwarding. Note: this is all from a quick perusal of the source and manuals, I've not done it myself. -- In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a new race of servants. Called Uruk-Oh-Hai in the Black Speech, they were cruel and delighted in torturing spelling and grammar. _Lord of the Rings 2.0, the Web Edition_
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5183D4B7.9050204>