HPE Community
Operating System - HP-UX
1752565 Members
5578 Online
108788 Solutions
New Discussion юеВ

Re: SSH timeuot?

 
boje
Regular Advisor

тАО09-12-2008 12:05 AM

тАО09-12-2008 12:05 AM

SSH timeuot?

Hi!

I have a machine that disconnects the cilent if it┬┤s inactive for some minutes. This is not tha case on any of our other servers. I think this server is configured to be more secure than the others, but i can not find any difference in the config files. This is the file i have checked: /opt/sshd/etc/sshd_config Is there any other way to config the sshd service? With any other files? How do i know which config files are used on this system?

Br
Patrik
0 Kudos
Reply
7 REPLIES 7
RAC_1
Honored Contributor

тАО09-12-2008 12:11 AM

тАО09-12-2008 12:11 AM

Re: SSH timeuot?

On the basis of which ssh version and flavor you are using config files will vary!! Also if firewall is in between that can also terminate idle connection on the basis of how it's configured.

openssh seems to have this option-LoginGraceTime for timeouts. it's configured insshd_config. man sshd_config for details.

Also you can check if timeout happens for telnet or not or only for ssh. also check TMOUT variable.
There is no substitute to HARDWORK
0 Kudos
Reply
boje
Regular Advisor

тАО09-12-2008 12:22 AM

тАО09-12-2008 12:22 AM

Re: SSH timeuot?

Hi!
ps -ef|grep sshd
root 823 1 0 Jun 29 ? 10:13 /opt/ssh/sbin/sshd
root 5232 4415 1 10:21:50 pts/0 0:00 grep sshd
root 4376 823 0 10:18:14 ? 0:00 sshd: root@pts/0

So it should be /opt/ssh/etc/sshd_config file that is used? Almost all lines in this file starts with #, it is not used?

Br
Patrik
0 Kudos
Reply
Ivan Krastev
Honored Contributor

тАО09-12-2008 12:27 AM

тАО09-12-2008 12:27 AM

Re: SSH timeuot?

Check for TCPKeepAlive in sshd_config:

TCPKeepAlive

Use this directive to control the flow of TCP keep-alive messages. If keep-alive messages are sent, the connection terminates, or one of the hosts crashes, this directive prevents infinitely hanging sessions.

However, if keep-alive messages are not sent, sessions can hang indefinitely on the server, resulting in ghost users and large consumption of server resources.

The default setting is YES.

For example:

TCPKeepAlive YES

http://docs.hp.com/en/5991-7493/apas02.html

regards,
ivan
0 Kudos
Reply
Sandeep_Chaudhary
Trusted Contributor

тАО09-12-2008 01:21 AM

тАО09-12-2008 01:21 AM

Re: SSH timeuot?

set TMOUT=0 in .profile

it wont time out ur ssh session.

TCPkeepalive yes is another option in sshd_config

0 Kudos
Reply
Ralph Grothe
Honored Contributor

тАО09-12-2008 01:59 AM

тАО09-12-2008 01:59 AM

Re: SSH timeuot?

> So it should be /opt/ssh/etc/sshd_config file that is used? Almost all lines in this file >starts with #, it is not used?

You can try this

$ $(UNIX95= ps -C sshd -o ppid= -o args=|awk '$1==1{print$2}') -h 2>&1|grep -- -f
-f file Configuration file (default /opt/ssh/etc/sshd_config)
Madness, thy name is system administration
0 Kudos
Reply
boje
Regular Advisor

тАО09-12-2008 02:15 AM

тАО09-12-2008 02:15 AM

Re: SSH timeuot?

Hi!

When i compare these two systems, i can not find any differences in the config files. I do not know why the other system keeps timing out. This is from config file:

#TCPKeepAlive yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#MaxStartups 10

and i can not find any TMOUT= in .profile.

These settings are the same on both systems.

Br
Patrik
0 Kudos
Reply
Sandeep_Chaudhary
Trusted Contributor

тАО09-12-2008 02:51 AM

тАО09-12-2008 02:51 AM

Re: SSH timeuot?

u wont find TMOUT in .profile.
u can manually write

export TMOUNT=0


It works.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.