Solved

TMOUT variable does not work on rbac and sftp.

Posted on 2010-08-25
3
1,206 Views
Last Modified: 2013-11-17
Helo,

I've setup a TMOUT readonly variable on /etc/profile and it's working properly when users via ssh. The session is kicked afterr 1 hour of idle. But When I enter rbac I lost TMOUT variable. See below:

/etc/profile:
TMOUT=3600
readonly TMOUT

Loging via ssh and enter in rbac.
s03is@micro: /home/s03is # echo $TMOUT
3600
s03is@micro: /home/s03is # swrole admin
s03is's Password:
s03is@micro: /home/s03is # echo $TMOUT
0
s03is@micro: /home/s03is #

Or, I use eny client of sftp (windows or unix/linux) and TMOUT does not work.

Any hint?

Thanks.

0
Comment
Question by:sminfo
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 33523339
Hiya!

You must export the TMOUT variable in order to get it passed into the subshell started by swrole.

/etc/profile:export TMOUT=3600
readonly TMOUT

wmp
0
 

Author Comment

by:sminfo
ID: 33523399
Jee, you rock man!.. working now....nothing about sftp?

Thanks..
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
ID: 33524128
There is no true "idle timeout" mechanism for ssh (and thus for sftp).

You could try the below in sshd_config, but Attention! It will be valid for all ssh sessions for all users, not only sftp:

ClientAliveCountMax 0
and
ClientAliveInterval 3600

With this setting the server will not "wake up" an inactive client and disconnect it after ClientAliveInterval seconds.

I know that it works for ssh sessions, but I never tried i with sftp. It should work however, I think.

The client must not have ServerAliveCountMax set to a value other than zero, else the above will be quashed!

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
prtdiag report hdd failure 10 140
ftpcommand 2 57
help pulling data string using Awk 9 63
SCP a file to multiple machines using a script 4 19
Installing FreeBSD… FreeBSD is a darling of an operating system. The stability and usability make it a clear choice for servers and desktops (for the cunning). Savvy?  The Ports collection makes available every popular FOSS application and packag…
I promised to write further about my project, and here I am.  First, I needed to setup the Primary Server.  You can read how in this article: Setup FreeBSD Server with full HDD encryption (http://www.experts-exchange.com/OS/Unix/BSD/FreeBSD/A_3660-S…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now