Date: Fri, 03 May 2013 11:18:10 -0400 From: "Mikel King" <mikel@olivent.com> To: "Fleuriot Damien" <ml@my.gd>, "FreeBSD questions" <freebsd-questions@freebsd.org> Subject: Re: sshd - time out idle connections Message-ID: <20130503151810.c829c479@mail.olivent.com> In-Reply-To: 1698EAB7-4B40-466D-98CB-782E9E494578@my.gd
next in thread | raw e-mail | index | archive | help
Firing people for violating the 5 minute rule seems a tad extreme. If there is indeed a company policy regarding the 5 minute idle window you and you intend to roll forward with a connection kill script then also make screen or tmux available. In my experience people tend to be more accepting of connection outages if they can reconnect to where the were when they were last on. Regards, Mikel King BSD News _____ From: Fleuriot Damien [mailto:ml@my.gd] To: FreeBSD questions [mailto:freebsd-questions@freebsd.org] Sent: Fri, 03 May 2013 10:28:31 -0400 Subject: sshd - time out idle connections Hello list, I'm facing this unusual demand at work where we need to time out idle SSH connections for security purposes. I've checked the following options from sshd_config but none seems to fit my needs : TCPKeepAlive ClientAliveCountMax ClientAliveInterval Basically, I'm trying to defeat the use of the following client-side option: ServerAliveInterval 5 I'm afraid all I've hit now is dead ends. Has anyone ever had the same requirements before and, perhaps, found a solution to this ? _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@FreeBSD.ORG Fri May 3 16:18:20 2013 Return-Path: <owner-freebsd-questions@FreeBSD.ORG> Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id D304FB3A for <freebsd-questions@freebsd.org>; Fri, 3 May 2013 16:18:20 +0000 (UTC) (envelope-from allan@physics.umn.edu) Received: from mail.physics.umn.edu (smtp.spa.umn.edu [128.101.220.4]) by mx1.freebsd.org (Postfix) with ESMTP id B47451D9E for <freebsd-questions@freebsd.org>; Fri, 3 May 2013 16:18:19 +0000 (UTC) Received: from peevish.spa.umn.edu ([128.101.220.230]) by mail.physics.umn.edu with esmtp (Exim 4.77 (FreeBSD)) (envelope-from <allan@physics.umn.edu>) id 1UYIgc-000Cfw-ME for freebsd-questions@freebsd.org; Fri, 03 May 2013 11:18:18 -0500 Received: by peevish.spa.umn.edu (Postfix, from userid 5000) id 9265474C; Fri, 3 May 2013 11:18:18 -0500 (CDT) Date: Fri, 3 May 2013 11:18:18 -0500 From: Graham Allan <allan@physics.umn.edu> To: freebsd-questions@freebsd.org Subject: Re: Restarting exports disturbs clients Message-ID: <20130503161818.GK32659@physics.umn.edu> References: <alpine.LRH.2.03.1305021137480.32731@nber.org> <5183A8BA.7040309@bananmonarki.se> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5183A8BA.7040309@bananmonarki.se> User-Agent: Mutt/1.5.20 (2009-12-10) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions <freebsd-questions.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>; List-Post: <mailto:freebsd-questions@freebsd.org> List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, <mailto:freebsd-questions-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 03 May 2013 16:18:20 -0000 On Fri, May 03, 2013 at 02:08:26PM +0200, Bernt Hansson wrote: > 2013-05-03 12:49, Daniel Feenberg skrev: > > > >When we change the exportfs file on our FreeBSD 9.1 fileserver: > > > > kill -HUP `cat /var/run/mountd.pid` > > That seems a bit harsh, try /etc/rc.d/nfsd restart or > /etc/nfsserver restart. Sending SIGHUP to mountd has always been the right way to have it reread the exports file - should really be much less disruptive than restarting the service. Graham --
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130503151810.c829c479>