From owner-freebsd-questions@FreeBSD.ORG Fri May 3 15:48:23 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 086B5E50 for ; Fri, 3 May 2013 15:48:23 +0000 (UTC) (envelope-from mikel@olivent.com) Received: from mail.olivent.com (mail.olivent.com [75.99.82.91]) by mx1.freebsd.org (Postfix) with ESMTP id 8304B1B01 for ; Fri, 3 May 2013 15:48:22 +0000 (UTC) Received: from localhost ([127.0.0.1]) by mail.olivent.com; Fri, 3 May 2013 11:18:10 -0400 To: "Fleuriot Damien" , "FreeBSD questions" From: "Mikel King" Subject: Re: sshd - time out idle connections In-Reply-To: 1698EAB7-4B40-466D-98CB-782E9E494578@my.gd Message-ID: <20130503151810.c829c479@mail.olivent.com> Date: Fri, 03 May 2013 11:18:10 -0400 X-User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/536.29.13 (KHTML, like Gecko) Version/6.0.4 Safari/536.29.13 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 May 2013 15:48:23 -0000 Firing people for violating the 5 minute rule seems a tad extreme. If th= ere is indeed a company policy regarding the 5 minute idle window you an= d you intend to roll forward with a connection kill script then also mak= e screen or tmux available. In my experience people tend to be more acce= pting of connection outages if they can reconnect to where the were when= they were last on.=20 Regards, Mikel King BSD News=20 =5F=5F=5F=5F=5F =20 From: Fleuriot Damien [mailto:ml@my.gd] To: FreeBSD questions [mailto:freebsd-questions@freebsd.org] Sent: Fri, 03 May 2013 10:28:31 -0400 Subject: sshd - time out idle connections Hello list, =20 =20 =20 I'm facing this unusual demand at work where we need to time out idle = SSH connections for security purposes. =20 I've checked the following options from sshd=5Fconfig but none seems t= o fit my needs : TCPKeepAlive ClientAliveCountMax ClientAliveInterval =20 =20 Basically, I'm trying to defeat the use of the following client-side o= ption: ServerAliveInterval 5 =20 =20 I'm afraid all I've hit now is dead ends. =20 =20 Has anyone ever had the same requirements before and, perhaps, found a= solution to this =3F =20 =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebs= d.org" =20 From owner-freebsd-questions@FreeBSD.ORG Fri May 3 16:18:20 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id D304FB3A for ; Fri, 3 May 2013 16:18:20 +0000 (UTC) (envelope-from allan@physics.umn.edu) Received: from mail.physics.umn.edu (smtp.spa.umn.edu [128.101.220.4]) by mx1.freebsd.org (Postfix) with ESMTP id B47451D9E for ; Fri, 3 May 2013 16:18:19 +0000 (UTC) Received: from peevish.spa.umn.edu ([128.101.220.230]) by mail.physics.umn.edu with esmtp (Exim 4.77 (FreeBSD)) (envelope-from ) id 1UYIgc-000Cfw-ME for freebsd-questions@freebsd.org; Fri, 03 May 2013 11:18:18 -0500 Received: by peevish.spa.umn.edu (Postfix, from userid 5000) id 9265474C; Fri, 3 May 2013 11:18:18 -0500 (CDT) Date: Fri, 3 May 2013 11:18:18 -0500 From: Graham Allan To: freebsd-questions@freebsd.org Subject: Re: Restarting exports disturbs clients Message-ID: <20130503161818.GK32659@physics.umn.edu> References: <5183A8BA.7040309@bananmonarki.se> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5183A8BA.7040309@bananmonarki.se> User-Agent: Mutt/1.5.20 (2009-12-10) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 May 2013 16:18:20 -0000 On Fri, May 03, 2013 at 02:08:26PM +0200, Bernt Hansson wrote: > 2013-05-03 12:49, Daniel Feenberg skrev: > > > >When we change the exportfs file on our FreeBSD 9.1 fileserver: > > > > kill -HUP `cat /var/run/mountd.pid` > > That seems a bit harsh, try /etc/rc.d/nfsd restart or > /etc/nfsserver restart. Sending SIGHUP to mountd has always been the right way to have it reread the exports file - should really be much less disruptive than restarting the service. Graham --