Date: Fri, 03 May 2013 11:18:10 -0400 From: "Mikel King" <mikel@olivent.com> To: "Fleuriot Damien" <ml@my.gd>, "FreeBSD questions" <freebsd-questions@freebsd.org> Subject: Re: sshd - time out idle connections Message-ID: <20130503151810.c829c479@mail.olivent.com> In-Reply-To: 1698EAB7-4B40-466D-98CB-782E9E494578@my.gd
next in thread | raw e-mail | index | archive | help
Firing people for violating the 5 minute rule seems a tad extreme. If th= ere is indeed a company policy regarding the 5 minute idle window you an= d you intend to roll forward with a connection kill script then also mak= e screen or tmux available. In my experience people tend to be more acce= pting of connection outages if they can reconnect to where the were when= they were last on.=20 Regards, Mikel King BSD News=20 =5F=5F=5F=5F=5F =20 From: Fleuriot Damien [mailto:ml@my.gd] To: FreeBSD questions [mailto:freebsd-questions@freebsd.org] Sent: Fri, 03 May 2013 10:28:31 -0400 Subject: sshd - time out idle connections Hello list, =20 =20 =20 I'm facing this unusual demand at work where we need to time out idle = SSH connections for security purposes. =20 I've checked the following options from sshd=5Fconfig but none seems t= o fit my needs : TCPKeepAlive ClientAliveCountMax ClientAliveInterval =20 =20 Basically, I'm trying to defeat the use of the following client-side o= ption: ServerAliveInterval 5 =20 =20 I'm afraid all I've hit now is dead ends. =20 =20 Has anyone ever had the same requirements before and, perhaps, found a= solution to this =3F =20 =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebs= d.org" =20 From owner-freebsd-questions@FreeBSD.ORG Fri May 3 16:18:20 2013 Return-Path: <owner-freebsd-questions@FreeBSD.ORG> Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id D304FB3A for <freebsd-questions@freebsd.org>; Fri, 3 May 2013 16:18:20 +0000 (UTC) (envelope-from allan@physics.umn.edu) Received: from mail.physics.umn.edu (smtp.spa.umn.edu [128.101.220.4]) by mx1.freebsd.org (Postfix) with ESMTP id B47451D9E for <freebsd-questions@freebsd.org>; Fri, 3 May 2013 16:18:19 +0000 (UTC) Received: from peevish.spa.umn.edu ([128.101.220.230]) by mail.physics.umn.edu with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <allan@physics.umn.edu>) id 1UYIgc-000Cfw-ME for freebsd-questions@freebsd.org; Fri, 03 May 2013 11:18:18 -0500 Received: by peevish.spa.umn.edu (Postfix, from userid 5000) id 9265474C; Fri, 3 May 2013 11:18:18 -0500 (CDT) Date: Fri, 3 May 2013 11:18:18 -0500 From: Graham Allan <allan@physics.umn.edu> To: freebsd-questions@freebsd.org Subject: Re: Restarting exports disturbs clients Message-ID: <20130503161818.GK32659@physics.umn.edu> References: <alpine.LRH.2.03.1305021137480.32731@nber.org> <5183A8BA.7040309@bananmonarki.se> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5183A8BA.7040309@bananmonarki.se> User-Agent: Mutt/1.5.20 (2009-12-10) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions <freebsd-questions.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions> List-Post: <mailto:freebsd-questions@freebsd.org> List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 03 May 2013 16:18:20 -0000 On Fri, May 03, 2013 at 02:08:26PM +0200, Bernt Hansson wrote: > 2013-05-03 12:49, Daniel Feenberg skrev: > > > >When we change the exportfs file on our FreeBSD 9.1 fileserver: > > > > kill -HUP `cat /var/run/mountd.pid` > > That seems a bit harsh, try /etc/rc.d/nfsd restart or > /etc/nfsserver restart. Sending SIGHUP to mountd has always been the right way to have it reread the exports file - should really be much less disruptive than restarting the service. Graham --
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130503151810.c829c479>