|
disconnect idle ssh sessions
Hi,
Is there a better way to disconnect idle ssh clients, what I did is to look for the PID of the idle session then kill it. If you have a better way of doing it. Idle ssh sessions that I encounter usually has an idle time of 1 day above. |
Add these lines to your ssh config file (sshd is the daemon for ssh) usually /etc/ssh/sshd_config. (not sure about fedora!)
ClientAliveInterval <time interval in seconds> ClientAliveCountMax 0 Restart sshd (try the command "service sshd reload" as root) Code:
From the sshd_config manpage: |
keratos
tried that method but idle ssh sessions still wont disconnect |
Is your client sending a "keep alive" to the ssh server.
I cant think of anything else, sorry? |
Quote:
|
putty can be (and usually is) configured to send "keep-alives".
Did you check this? |
Quote:
|
No
not unless it is still running or something else is sending keepalives. something MUST be using the connection. check your IP traffic on your host - something must be sending traffic down the line. |
here's the screenshot
http://i20.photobucket.com/albums/b2...reenshot-3.png as you can see those sessions which are idle for days should be disconnected already since no more ssh client are open on their pc. |
after digging the internet for possible solutions, I finally got one and it works
i added TMOUT=300 to /etc/bashrc to disconnect users which are idle for 5 minutes |
Quote:
Putting the timeout in a bashrc is extreme as it will disconnect at the client end rather than the server end. But if you are happy with this , fine , I personally would find out what the issue is and fix it correctly. Closing down login shells just to disconnect from the ssh server is extreme in my view and may shut users down who are not even using ssh and they will wonder why? Not the sort of thing a good sysadmin would do, in my humble view. |
From what i read, bashrc tmout setting will only disconnect idle sessions of telnet and ssh and nothing more, by the way that is not "top" that is "w".
|
Incorrect!!!
http://www.gnu.org/software/bash/manual/bashref.html search for "TIMEOUT" - its all there! and top / w , not too much difference , generally process/user related , I can't get excited about the difference suffice to say it IS NOT as I proposed you obtain, which was a list of IP traffic and sink/sources to establish what and who is sending, if at all, keepalives to the ssh server. Anyway, you're happy now. Byeeeeee |
so, what do you think are affected by bashrc's tmout setting aside from your shell?
|
Quote:
As stated above, in my humble view, killing the shell this way is not what a sysadmin would probably do. Its an overkill. Any user who is dropped into a bash shell will find themselves mysteriously logged out after "a period of inactivity". If I were a sysadmin, I would wonder why anyone had took a sledgehammer to a nut in this way. |
As of this moment, this is the only method that works since your suggestion on sshd_config wont work on my system, there's must be something wrong with the server because it wont work but i dont want to do anything critical at the moment because this is a production server, anyway this is scheduled to be replaced with a new version of fedora since it is still running of fc2.
|
FC2 - WoW! yawn.
The instructions are not mine, they are sshd standard instructions. As I said, and I'm slightly yawning now, you should establish what IP traffic there is to the server. You STILL have not instigated this investigation and yet deem it appropriate to apportion an element of dissatisfaction on my assistance. I give up! |
typing EXIT like at the windows command line simply killed it for me!
|
Hi Sergi, welcome to LQ!
Can you please in the future try not to reanimate threads that were dead for several years? Specially if your contribution doesn't address the OPs problem. Cheers, Tink |
Hi Yes sorry, distracted train of thought, apologies to all.
|
| All times are GMT -5. The time now is 06:28 PM. |