• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1245
  • Last Modified:

TMOUT variable does not work on rbac and sftp.

Helo,

I've setup a TMOUT readonly variable on /etc/profile and it's working properly when users via ssh. The session is kicked afterr 1 hour of idle. But When I enter rbac I lost TMOUT variable. See below:

/etc/profile:
TMOUT=3600
readonly TMOUT

Loging via ssh and enter in rbac.
s03is@micro: /home/s03is # echo $TMOUT
3600
s03is@micro: /home/s03is # swrole admin
s03is's Password:
s03is@micro: /home/s03is # echo $TMOUT
0
s03is@micro: /home/s03is #

Or, I use eny client of sftp (windows or unix/linux) and TMOUT does not work.

Any hint?

Thanks.

0
sminfo
Asked:
sminfo
  • 2
2 Solutions
 
woolmilkporcCommented:
Hiya!

You must export the TMOUT variable in order to get it passed into the subshell started by swrole.

/etc/profile:export TMOUT=3600
readonly TMOUT

wmp
0
 
sminfoAuthor Commented:
Jee, you rock man!.. working now....nothing about sftp?

Thanks..
0
 
woolmilkporcCommented:
There is no true "idle timeout" mechanism for ssh (and thus for sftp).

You could try the below in sshd_config, but Attention! It will be valid for all ssh sessions for all users, not only sftp:

ClientAliveCountMax 0
and
ClientAliveInterval 3600

With this setting the server will not "wake up" an inactive client and disconnect it after ClientAliveInterval seconds.

I know that it works for ssh sessions, but I never tried i with sftp. It should work however, I think.

The client must not have ServerAliveCountMax set to a value other than zero, else the above will be quashed!

0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now