Solved

TMOUT variable does not work on rbac and sftp.

Posted on 2010-08-25
3
1,197 Views
Last Modified: 2013-11-17
Helo,

I've setup a TMOUT readonly variable on /etc/profile and it's working properly when users via ssh. The session is kicked afterr 1 hour of idle. But When I enter rbac I lost TMOUT variable. See below:

/etc/profile:
TMOUT=3600
readonly TMOUT

Loging via ssh and enter in rbac.
s03is@micro: /home/s03is # echo $TMOUT
3600
s03is@micro: /home/s03is # swrole admin
s03is's Password:
s03is@micro: /home/s03is # echo $TMOUT
0
s03is@micro: /home/s03is #

Or, I use eny client of sftp (windows or unix/linux) and TMOUT does not work.

Any hint?

Thanks.

0
Comment
Question by:sminfo
  • 2
3 Comments
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
Comment Utility
Hiya!

You must export the TMOUT variable in order to get it passed into the subshell started by swrole.

/etc/profile:export TMOUT=3600
readonly TMOUT

wmp
0
 

Author Comment

by:sminfo
Comment Utility
Jee, you rock man!.. working now....nothing about sftp?

Thanks..
0
 
LVL 68

Assisted Solution

by:woolmilkporc
woolmilkporc earned 500 total points
Comment Utility
There is no true "idle timeout" mechanism for ssh (and thus for sftp).

You could try the below in sshd_config, but Attention! It will be valid for all ssh sessions for all users, not only sftp:

ClientAliveCountMax 0
and
ClientAliveInterval 3600

With this setting the server will not "wake up" an inactive client and disconnect it after ClientAliveInterval seconds.

I know that it works for ssh sessions, but I never tried i with sftp. It should work however, I think.

The client must not have ServerAliveCountMax set to a value other than zero, else the above will be quashed!

0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now