How to Keep Alive SSH Sessions

Many NAT firewalls time out idle sessions after a certain period of time to keep their trunks clean. Sometimes the interval between session drops is 24 hours, but on many commodity firewalls, connections are killed after as little as 300 seconds. To avoid having your SSH sessions become unresponsive after e.g. 5 minutes, do the following:

On Windows (PuTTY)

In your session properties, go to Connection and under Sending of null packets to keep session active, set Seconds between keepalives (0 to turn off) to e.g. 300 (5 minutes).

On Linux (ssh)

To enable the keep alive system-wide (root access required), edit/etc/ssh/ssh_config; to set the settings for just your user, edit~/.ssh/config (create the file if it doesn’t exist). Insert the following:

Host *

    ServerAliveInterval 300

    ServerAliveCountMax 2

You can also make your OpenSSH server keep alive all connections with clients by adding the following to /etc/ssh/sshd_config:

TCPKeepAlive yes
ClientAliveInterval 300

ClientAliveCountMax 2

These settings will make the SSH client or server send a null packet to the other side every 300 seconds (5 minutes), and give up if it doesn’t receive any response after 2 tries, at which point the connection is likely to have been discarded anyway.

From the ssh_config man page:

ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.

The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.

ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received from the server, ssh(1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.

How to Keep Alive SSH Sessions的更多相关文章

  1. setting>SSH>sessions setting>勾选ssh Keepalive[ MobaXterm】设置保持SSH连接

    [ MobaXterm]设置保持SSH连接 ssh远程连接会在无操作时自动断开连接.为了保持程序运行和连接,需要设置保持连接. 1.MobaXterm如果使用了MobaXterm客户端,那么需要在设置 ...

  2. Linux UserSpace Back-Door、Rootkit SSH/PAM Backdoor Attack And Defensive Tchnology

    catalog . 引言 . Pam后门 . SSH后门 . Hijacking SSH . Hijacking SSH By Setup A Tunnel Which Allows Multiple ...

  3. SSH Tunneling Explained

    转载: http://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/ March 21, 2012 by Buddhi ...

  4. Java ssh 访问windows/Linux

     Java ssh 访问windows/Linux 工作中遇到的问题: Java code运行在一台机器上,需要远程到linux的机器同时执行多种命令.原来采用的方法是直接调用ssh命令或者调用pli ...

  5. Cisco 学会使用Telnet、SSH

    实验目的:通过控制R1 后 , TELNET 到R2(12.1.1.2),R3(13.1.1.3)对R2,R3 进行远程管理. 在R1 上配置: R1#telnet 12.1.1.2 //从R1 TE ...

  6. java linux ssh jar

    Ganymed SSH-2 for Java http://www.ganymed.ethz.ch/ssh2/ Ganymed SSH-2 for Java is a library which im ...

  7. 转:linux 修改sftp服务默认提供者sshd的session timeout

    ssh连接超时问题解决方案: 1.修改server端的etc/ssh/sshd_config ClientAliveInterval 60 #server每隔60秒发送一次请求给client,然后cl ...

  8. Linux Overflow Vulnerability General Hardened Defense Technology、Grsecurity/PaX

    Catalog . Linux attack vector . Grsecurity/PaX . Hardened toolchain . Default addition of the Stack ...

  9. 网卡驱动引起openstack的mtu问题

    一套Pike版本的openstack测试环境,使用vlan模式的网络,数据网网卡使用的是绿联的usb百兆网卡,遇到了虚拟机网络异常的问题.同一个vlan下,不同宿主机上的两台虚拟机,相互之间可以pin ...

随机推荐

  1. 深入理解Java内存模型(七)——总结

    处理器内存模型 顺序一致性内存模型是一个理论参考模型,JMM和处理器内存模型在设计时通常会把顺序一致性内存模型作为参照.JMM和处理器内存模型在设计时会对顺序一致性模型做一些放松,因为如果完全按照顺序 ...

  2. YTU 2602: 熟悉题型——类设计( 矩形类定义【C++】)

    2602: 熟悉题型--类设计( 矩形类定义[C++]) 时间限制: 1 Sec  内存限制: 128 MB 提交: 183  解决: 119 题目描述 定义一个矩形类,数据成员包括左下角和右上角坐标 ...

  3. char和vchar

    Varchar往往用来保存可变长度的字符串.简单的说,我们只是给其固定了一个最大值,然后系统会根据实际存储的数据量来分配合适的存储空间. 为此相比CHAR字符数据而言,其能够比固定长度类型占用更少的存 ...

  4. Codeforces Round #362 (Div. 2) A.B.C

    A. Pineapple Incident time limit per test 1 second memory limit per test 256 megabytes input standar ...

  5. 【温故知新】c#事件event

    从上一篇文章[温故知新]C#委托delegate可知,委托delegate和事件Event非常的相似,区别就是event关键字,给delegate穿上了个“马甲”. 让我们来看官方定义: 类或对象可以 ...

  6. aptana studio 3支持jquery

    首先要说的一点是,如果你不使用PortableGit,就不要安装,否则New From Template中会缺失大部分模板.至于还有什么缺陷,暂时没测出来,本人也是刚玩aptana studio 3哈 ...

  7. Incorrect key file for table '/tmp/#sql_882_0.MYI'; try to repair it

    修表方法如下: 一法:. check table 和 repair table 方法1,进入Mysql 的Dos控制台,输入密码进入 2,use database;(你的数据库名) 3, check  ...

  8. 在HibernateTemplate里执行Sql语句

    如下所示只能执行非Select语句: public static void executeSQL(HibernateTemplate hibernateTemplate, String sql) { ...

  9. RIA技术

    Rich Internet Application(富互联网应用程序,简称RIA),一种全新的Web应用程序架构,它结合了桌面软件良好的用户体验和web应用程序易部署的优点,很快获得了企业的青睐. 近 ...

  10. poj2891

    这道题就是扩展的中国剩余定理(模数不互质) 首先我们回忆一下中国剩余定理对于给定n个方程组x≡ai(mod pi) 令m=∏pi wi=m/pi,然后求解关于hi,ri的方程wi*hi+pi*ri=1 ...