How to Keep Alive SSH Sessions

Many NAT firewalls time out idle sessions after a certain period of time to keep their trunks clean. Sometimes the interval between session drops is 24 hours, but on many commodity firewalls, connections are killed after as little as 300 seconds. To avoid having your SSH sessions become unresponsive after e.g. 5 minutes, do the following:

On Windows (PuTTY)

In your session properties, go to Connection and under Sending of null packets to keep session active, set Seconds between keepalives (0 to turn off) to e.g. 300 (5 minutes).

On Linux (ssh)

To enable the keep alive system-wide (root access required), edit/etc/ssh/ssh_config; to set the settings for just your user, edit~/.ssh/config (create the file if it doesn’t exist). Insert the following:

Host *

    ServerAliveInterval 300

    ServerAliveCountMax 2

You can also make your OpenSSH server keep alive all connections with clients by adding the following to /etc/ssh/sshd_config:

TCPKeepAlive yes
ClientAliveInterval 300

ClientAliveCountMax 2

These settings will make the SSH client or server send a null packet to the other side every 300 seconds (5 minutes), and give up if it doesn’t receive any response after 2 tries, at which point the connection is likely to have been discarded anyway.

From the ssh_config man page:

ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.

The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.

ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received from the server, ssh(1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.

最新文章

  1. SEO技巧之WordPress篇幅
  2. 在eclipse的maven插件中搜寻本地仓库中的jar搜索不到的解决方案
  3. Atitit 知识图谱解决方案:提供完整知识体系架构的搜索与知识结果overview
  4. 使用ASP.NET Web Api构建基于REST风格的服务实战系列教程【二】——使用Repository模式构建数据库访问层
  5. 蓝牙的L2CAP协议
  6. 【LOI2005】【P1306】河流
  7. 【Itext】解决Itext5大并发大数据量下输出PDF发生内存溢出outofmemery异常
  8. 最最常用的 100 个 Java 类(转)
  9. iOS个别界面旋转问题
  10. Android 打开URL
  11. Servlet第五篇【介绍会话技术、Cookie的API、详解、应用】
  12. Model Representation and Cost Function
  13. python的unittest測试框架的扩展浅谈
  14. Poj1258 Agri-Net (最小生成树 Prim算法 模板题)
  15. java 中如何声明线程安全的集合 set, map 和list【转】
  16. Java知多少(61)线程优先级
  17. Vue运行报错--eslint
  18. [转载]Python3编码问题详解
  19. Failed to start docker.service: Unit not found.
  20. 测试浏览器是否支持某个CSS属性

热门文章

  1. 如何创建PostgreSQL数据库
  2. sizeof()与strlen()的区别
  3. armeabi,armeabi-v7a ,x86 和mips 都是什么?
  4. 二维码(2)二维码登录原理及Android客户端示例
  5. [POJ3264]Balanced Lineup(线段树,区间最值差)
  6. vm上安装ubuntu
  7. 4 张 GIF 图帮助你理解二叉查找树
  8. 解决eclipse-helios中Errors running builder JavaScript Validator的问题
  9. Bundle对象的使用
  10. iOS 9的新内容