SSH Secure Software

Hello group,

I'm using SSH Secure Shell(Version 3.29) to connect from a Windows machine to a Linux server. The problem is that it loses the connection when I leave my system for 1 hours or so. How can I increase this period to 2 hours at least? or there is a setting that I can do on server side?


Regards,
ak
akohanAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
gheistConnect With a Mentor Commented:
So your firewall just drops connection after some predefinded time. There is nothing you can do. Ask firewall admin to fix.
0
 
rindiCommented:
Check the following Link:

http://openssh.org/faq.html#2.12
0
 
TintinCommented:
The SSH client should have some keepalive option you can set.  It's generally easier to set it from the client side, rather the server side.
0
Worried about phishing attacks?

90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!

 
Jan SpringerCommented:
Check your ssh daemon, may be located in /etc/ssh/sshd_config and see if you have the IdleTimeout specified:

IdleTimeout time
    Sets idle timeout limit to time in seconds (s or nothing afternumber), in minutes (m), in hours (h), in days (d), or in weeks (w).If the connection have been idle (all channels) for that long time thechild process is killed with SIGHUP, and connection is closed down.

If IdleTimeout is not specified in the server ssh daemon, then it's your client is most likely configured to terminate the connection after a specified idle time.
0
 
akohanAuthor Commented:

Yes, that is what I did before but I didn't find any parameter on client's side setting. Regarding server side I found the file as RINDI had suggested and the value assigned to CleitnAliveInterval is 0. Should I chagne to 1 or .... ?

Regards,
ak
0
 
akohanAuthor Commented:

No I don't have IdelTimeOut in there.

Thanks,
ak
0
 
akohanAuthor Commented:


But I do see:

#LoginGraceTime 2m

this works?

0
 
TintinCommented:
   ClientAliveInterval

         Sets a timeout interval in seconds after  which,  if  no
         data  has  been  received  from the client, sshd sends a
         message through  the  encrypted  channel  to  request  a
         response  from  the client. The default is 0, indicating
         that these messages will not be sent to the client. This
         option applies only to protocol version 2.

     LoginGraceTime

         The server disconnects after this time (in  seconds)  if
         the user has not successfully logged in. If the value is
         0, there is no time limit. The default is 120 (seconds).
0
 
omarfaridCommented:
Hi,

You may set it like

ClientAliveInterval 300

here 300 seconds = 5 min
0
 
Gabriel OrozcoSolution ArchitectCommented:
to override setup configuration and be able to come back later to a server I'm connected to, I use

idle.ksh:
#! /bin/ksh
clear
echo "Idle running. hit ctrl-c to exit"
while :;do
  sleep 5
done

and start the program...

HTH
0
 
ahoffmannCommented:
there may be a couple of reasons ..
first start with your client's ssh config:

  KeppAlive no

then you need to instruct your shell to ignore the idle logout (if possible):

  unset TMOUT
  TMOUT=0
  unset autologout
  unsetenv TCSH_SHELL_AUTOLOGOUT
(above depends on your shell)

then you have to check your server's sshd_config:

  ClientAliveInterval 0

and if all that fails you have to consult the admin of your workstation and the server to tweak TCP/IP kernel settings.
0
 
gheistCommented:
You should be using PuTTY instead.
0
 
akohanAuthor Commented:

Yes, I gave up on this game so I used putty but same thing happens. I'm sure there must be a setting on server side. So the solution wasn't putty too :(

Thanks anyway.

0
 
akohanAuthor Commented:

Now, I'm checking the server side parameter LoginGraceTime as was pointed out by Tintin. I will get back to you guys soon. Sorry for the delay I have been busy with school exams.

Regards,
ak
0
 
akohanAuthor Commented:

No. unfrotunately LoginGraceTime doesn't work either. Any other comment on how to avoid getting kicked out when a there is on activity on client side? I need a connection which stays as long as I have not logged out.

Thanks,
ak
0
 
omarfaridCommented:
One old trick I use to do, is to have a script that will send a message to the terminal when I am not working on it to keep the session live.

e.g.

while true
do
   echo "-.-.-."
   sleep 60
done
0
 
ahoffmannCommented:
did you read http:#20392977 ?

a simple workaround to keep an idle terminal bussy
  ping -i 299 127.0.0.42
0
 
Gabriel OrozcoSolution ArchitectCommented:
As I said... a script called idle was my most practical solution
0
 
akohanAuthor Commented:

Thanks for your response but how about other users I know in my working place dont' have such problem? they don't use any script and using the same client ?

Regards,
ak
0
 
ahoffmannCommented:
> .. they don't use any script
.. simply 'cause they did what I already suggested :-))
0
 
akohanAuthor Commented:

Would you please tell me what script are you talking about?

Thanks,
ak
0
 
Gabriel OrozcoSolution ArchitectCommented:
check my comment #20392693
0
 
gheistCommented:
Let me suggest you get putty ssh client that supports keep-alive from client side.
Old SSH.COM client is no better than any other legacy software.
0
 
ahoffmannCommented:
> Would you please tell me what script are you talking about?
click here --> http:#20392977
0
 
akohanAuthor Commented:

I see there:

#TCPKeepAlive yes

but it seems it is commented out.  and I'm wondering if it is exactly what you had pointed out!

Any comments?

Thanks,
ak

0
 
omarfaridCommented:
Uncomment the line and see if you get what you want.

0
 
akohanAuthor Commented:

I believe it is already commented out since has a # in advnace.

Any comments?
0
 
gheistCommented:
Option you mention is enabled by default. Your firewall drops connections with this option set.
     ClientAliveCountMax
             Sets the number of client alive messages (see below) which may be
             sent without sshd(8) receiving any messages back from the client.
             If this threshold is reached while client alive messages are be-
             ing sent, sshd will disconnect the client, terminating the ses-
             sion.  It is important to note that the use of client alive mes-
             sages is very different from TCPKeepAlive (below).  The client
             alive messages are sent through the encrypted channel and there-
             fore will not be spoofable.  The TCP keepalive option enabled by
             TCPKeepAlive is spoofable.  The client alive mechanism is valu-
             able when the client or server depend on knowing when a connec-
             tion has become inactive.

             The default value is 3.  If ClientAliveInterval (see below) is
             set to 15, and ClientAliveCountMax is left at the default, unre-
             sponsive SSH clients will be disconnected after approximately 45
             seconds.  This option applies to protocol version 2 only.

     ClientAliveInterval
             Sets a timeout interval in seconds after which if no data has
             been received from the client, sshd(8) will send a message
             through the encrypted channel to request a response from the
             client.  The default is 0, indicating that these messages will
             not be sent to the client.  This option applies to protocol ver-
             sion 2 only.

Make sure you set Protocol 2 instead of Protocol 2,1 to mak sure you connect using this option
0
 
omarfaridCommented:
I mean remove the # :)
0
 
gheistCommented:
openssh server's default config file has default configuration options commented out. No need to reduntantly enable them.
0
 
ahoffmannCommented:
gheist, do you know how that server in question was compiled? I doubt.
Anyway, I believe it's a default one until someone checked all possibilities.
0
 
gheistCommented:
When portable openssh is compiled and installed it generates config file with default options all commented out.
0
 
akohanAuthor Commented:

I have applied those changes to the sshd.conf and currently testing it.

Thanks for your help.
0
 
gheistCommented:
Have you restarted sshd after "applying" config change?

Hint: /etc/init.d/sshd restart
0
 
akohanAuthor Commented:

NO! thanks for sharing this.
0
 
akohanAuthor Commented:

Unfortunately, still the connection drops. Any comments?

Thanks,
ak


0
 
omarfaridCommented:
Did you try running

while true
do
   echo "-.-.-."
   sleep 60
done

0
 
akohanAuthor Commented:

Not yet!  but where should I place this code at?

0
 
gheistCommented:
In terminal.
Does connection drop when you use putty ssh client?
0
 
akohanAuthor Commented:

I've used Putty, SecureCRT, Secure Shell Client so far. Doesn't matter what client application I use it will drop the connection.

0
 
Gabriel OrozcoSolution ArchitectCommented:
please try omarfarid's suggestion or mine. both try to start a program in order to maintain the packet flow on the network and thus avoid disconnection.

0
 
akohanAuthor Commented:

I guess there is no answer for this question and the only thing which works here is the firewall issue.

Thanks for your time.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.