RootBSD blog » ssh http://www.rootbsd.net/blog Our FreeBSD Hosting Discussion Wed, 16 Jun 2010 21:37:25 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 SSH session timeout http://www.rootbsd.net/blog/2008/ssh-session-timeout/ http://www.rootbsd.net/blog/2008/ssh-session-timeout/#comments Tue, 19 Feb 2008 01:37:58 +0000 admin http://www.rootbsd.net/blog/freebsd-jails/ssh-session-timeout/ Have you ever noticed that on some Internet connections, ssh sessions will drop for no reason other than a lack of activity? I have noticed this when using ssh from some open access points and friends houses. The reason isn’t a poor internet connection but actually a poor router. Most home/office routers perform NAT to connect users on a private network to the public Internet. The router must keep table open of what connections are active, connecting local IP addresses to remote servers. The problem is that if a TCP session (such as ssh) doesn’t send data after awhile, the router will think it timed out and remove it from its NAT connections table. This results in a dropped ssh connection.

To workaround this, you can setup a keepalive on your ssh connection. The keepalive will send a heartbeat check between the client and server, so the session stays active and doesn’t look dormant. You can configure this in the Windows client, putty, or you can configure it in opensshd on your FreeBSD vps.

To set this up, edit /etc/ssh/sshd_config on your VPS or server and add:

ClientAliveInterval 300
ClientAliveCountMax 3

This will have sshd send a heartbeat every 5 minutes (300 seconds) and allow for up to 3 missed heartbeat responses before considering the session dead.

You must then restart sshd to apply the settings:

/etc/rc.d/sshd restart

Cheers

]]> http://www.rootbsd.net/blog/2008/ssh-session-timeout/feed/ 2