SSHD Configuration Help.

[PCZero]

I have no idea if what want to do is possible. I have tried working with the following parameters but they do not seem to satisfy the objective...

TCPKeepAlive
ClientAliveInterval
ClientAliveCountMax


I often work with my SSH client running in one window as I multitask in another. At times, the SSH connect will timeout and I have to log back in. I would like to have things set up so I get a visual (or even more preferable audible) warning when the connect is about to expire so I can switch to the SSH window and manually keep it alive.

1) Is this possible?
B) If it is possible, how may I set it up?
iii) I need a shrubbery!

 

[kernow]

The following usually works for me:
On the client side cd to root and edit /etc/ssh/ssh_config ( Note NOT /etc/ssh/sshd_config )
Find the *host entry and add this:
ServerAliveInterval 300
ServerAliveCountMax 3

Restart ssh service.

 

[PCZero]

My server is the only thing that has /etc/ssh/ssh_config, my local machine is a W7 box. So can't edit anything here. I tried adding the lines in question to the file in question on the server and then running service sshd restart but it made no difference in my connections even after logging out/in. I am still timed out w/o notice.

 

[cPanelMichael]

Hello

Do you use a specific SSH client for Windows (e.g. Putty)? If so, you should be able to alter the timeout settings in the client to prevent this from happening.

Thank you.

 

[PCZero]

Michael that is not exactly what I want to do. I use SecureCRT but I don't merely want to adjust the timeout I want to be warned before the timeout is executed if I am working in another window when the threshold is hit.

 

[kernow]

You have a windoze box? are they still going? :D
Ok then, on your server edit /etc/ssh/sshd_config ( yes sshd_config ) and add:

ServerAliveInterval 300
ServerAliveCountMax 3

Restart ssh service.

 

[PCZero]

Tried that and got this on restart...

Starting sshd:
/etc/ssh/sshd_config: line 129: Bad configuration option: ServerAliveInterval
/etc/ssh/sshd_config: line 130: Bad configuration option: ServerAliveCountMax
/etc/ssh/sshd_config: terminating, 2 bad configuration options

 

[cPanelTristan]

Hello,

While I do understand that you'd like to receive an alert about the timeout, I am uncertain why you wouldn't simply use this option in SecureCRT to avoid any timeout happening:

Keep SecureCRT SSH Sessions from Disconnecting

This would prevent the issue entirely for a timeout as periodic packets to the window (every 60 or whatever seconds) to avoid a timeout in the first place. Is there a reason that a timeout must exist rather than using this method in the program being used? It would solve the issue entirely from happening.

Thanks!

 

[PCZero]

I want the notification and a required manual response form me so that if I walk away form my desk while in an SSH session, the timeout will close the connect rather than leave it open unattended. If I simply use the feature within the SecureCRT environment, the conenct stays alive with no concern as to whether I am actually sitting here at my desk or not.

 

[cPanelTristan]

The issue is that I don't believe what you want is possible to have happen. You are welcome to contact SecureCRT to ask if that client application provides any type of option that might do this, but there is nothing in sshd_config server-side that will send an alert before the disconnection to warn you.

This is SecureCRT's support area (which appears to provide free support even during the evaluation):

Terminal Replacement Program Support-Strong Encryption Support Updates

 

[PCZero]

Drat... I was hoping that the parameters we had been discussing would offer that. I do see a session parameter in Secure CRT for audio bell (and visual bell as well) but the documentation is sketchy at best. I do find that this functionality is not present to be a security weakness (from an IT audit point of view anyway). Thank you for the answer. I will continue to research this. Any additional input is welcome.