PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
I have no idea if what want to do is possible. I have tried working with the following parameters but they do not seem to satisfy the objective...

TCPKeepAlive
ClientAliveInterval
ClientAliveCountMax


I often work with my SSH client running in one window as I multitask in another. At times, the SSH connect will timeout and I have to log back in. I would like to have things set up so I get a visual (or even more preferable audible) warning when the connect is about to expire so I can switch to the SSH window and manually keep it alive.

1) Is this possible?
B) If it is possible, how may I set it up?
iii) I need a shrubbery!
 

kernow

Well-Known Member
Jul 23, 2004
1,031
62
178
cPanel Access Level
Root Administrator
The following usually works for me:
On the client side cd to root and edit /etc/ssh/ssh_config ( Note NOT /etc/ssh/sshd_config )
Find the *host entry and add this:
ServerAliveInterval 300
ServerAliveCountMax 3

Restart ssh service.
 
Last edited:

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
My server is the only thing that has /etc/ssh/ssh_config, my local machine is a W7 box. So can't edit anything here. I tried adding the lines in question to the file in question on the server and then running service sshd restart but it made no difference in my connections even after logging out/in. I am still timed out w/o notice.
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
Hello :)

Do you use a specific SSH client for Windows (e.g. Putty)? If so, you should be able to alter the timeout settings in the client to prevent this from happening.

Thank you.
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
Michael that is not exactly what I want to do. I use SecureCRT but I don't merely want to adjust the timeout I want to be warned before the timeout is executed if I am working in another window when the threshold is hit.
 

kernow

Well-Known Member
Jul 23, 2004
1,031
62
178
cPanel Access Level
Root Administrator
You have a windoze box? are they still going? :D
Ok then, on your server edit /etc/ssh/sshd_config ( yes sshd_config ) and add:

ServerAliveInterval 300
ServerAliveCountMax 3

Restart ssh service.
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
Tried that and got this on restart...

Starting sshd:
/etc/ssh/sshd_config: line 129: Bad configuration option: ServerAliveInterval
/etc/ssh/sshd_config: line 130: Bad configuration option: ServerAliveCountMax
/etc/ssh/sshd_config: terminating, 2 bad configuration options
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
Hello,

While I do understand that you'd like to receive an alert about the timeout, I am uncertain why you wouldn't simply use this option in SecureCRT to avoid any timeout happening:

Keep SecureCRT SSH Sessions from Disconnecting

This would prevent the issue entirely for a timeout as periodic packets to the window (every 60 or whatever seconds) to avoid a timeout in the first place. Is there a reason that a timeout must exist rather than using this method in the program being used? It would solve the issue entirely from happening.

Thanks!
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
I want the notification and a required manual response form me so that if I walk away form my desk while in an SSH session, the timeout will close the connect rather than leave it open unattended. If I simply use the feature within the SecureCRT environment, the conenct stays alive with no concern as to whether I am actually sitting here at my desk or not.
 

cPanelTristan

Quality Assurance Analyst
Staff member
Oct 2, 2010
7,607
43
348
somewhere over the rainbow
cPanel Access Level
Root Administrator
The issue is that I don't believe what you want is possible to have happen. You are welcome to contact SecureCRT to ask if that client application provides any type of option that might do this, but there is nothing in sshd_config server-side that will send an alert before the disconnection to warn you.

This is SecureCRT's support area (which appears to provide free support even during the evaluation):

Terminal Replacement Program Support-Strong Encryption Support Updates
 

PCZero

Well-Known Member
Dec 13, 2003
780
103
193
Earth
Drat... I was hoping that the parameters we had been discussing would offer that. I do see a session parameter in Secure CRT for audio bell (and visual bell as well) but the documentation is sketchy at best. I do find that this functionality is not present to be a security weakness (from an IT audit point of view anyway). Thank you for the answer. I will continue to research this. Any additional input is welcome.