run command on ssh inactivity?
Does anyone know if you can run a command on ssh inactivity? I want to auto-lock my ssh terminal after a few mins.
Thanks |
I read through the sshd_config man page, and this is what I have found:
ClientAliveInterval Sets a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol version 2 only. ClientAliveCountMax Sets the number of client alive messages (see above) which may be sent without sshd receiving any messages back from the client. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the session. It is important to note that the use of client alive messages is very different from KeepAlive (below). The client alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by KeepAlive is spoofable. The client alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive. The default value is 3. If ClientAliveInterval (above) is set to 15, and ClientAliveCountMax is left at the default, unresponsive ssh clients will be disconnected after approximately 45 seconds. So if you are looking for say, a 5 minute timeout, set the ClientAliveInterval to 30, and then set the ClientAliveCountMax to 10. 10x30=300 seconds which is equal to 5 minutes. |
i'm more looking to run "vlock" on inactivity. i want the client connected but password protected, i think my only way is to script this. Does anyone have any ideas on how a shell script could detect ssh inactivity?
|
You could use say:
Code:
tcpdump -i eth0 port 22 I am wondering though, are you just trying to protect the session physically? If so would not a password protected screensaver do the trick? If not using X, there may be similar tools for the console... |
yeah, i use vlock (http://freshmeat.net/projects/vlock/) as a command line locking utility. It prompts for the current user's password and locks the terminal. I think tcpdump could be hard to implement in a shell script, at least for me. I think i will use a part of 'netstat' and check it until the status of the ssh session becomes inactive.
|
oops, netstat doesn't change the status when there is inactivity, nevermind.
|
Quote:
|
All times are GMT -5. The time now is 04:03 AM. |