How to Keep Alive SSH Sessions

Many NAT firewalls time out idle sessions after a certain period of time to keep their trunks clean. Sometimes the interval between session drops is 24 hours, but on many commodity firewalls, connections are killed after as little as 300 seconds. To avoid having your SSH sessions become unresponsive after e.g. 5 minutes, do the following:

On Windows (PuTTY)

In your session properties, go to Connection and under Sending of null packets to keep session active, set Seconds between keepalives (0 to turn off) to e.g. 300 (5 minutes).

On Linux (ssh)

To enable the keep alive system-wide (root access required), edit/etc/ssh/ssh_config; to set the settings for just your user, edit~/.ssh/config (create the file if it doesn’t exist). Insert the following:

Host *

    ServerAliveInterval 300

    ServerAliveCountMax 2

You can also make your OpenSSH server keep alive all connections with clients by adding the following to /etc/ssh/sshd_config:

TCPKeepAlive yes
ClientAliveInterval 300

ClientAliveCountMax 2

These settings will make the SSH client or server send a null packet to the other side every 300 seconds (5 minutes), and give up if it doesn’t receive any response after 2 tries, at which point the connection is likely to have been discarded anyway.

From the ssh_config man page:

ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.

The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.

ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received from the server, ssh(1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.

How to Keep Alive SSH Sessions的更多相关文章

  1. setting>SSH>sessions setting>勾选ssh Keepalive[ MobaXterm】设置保持SSH连接

    [ MobaXterm]设置保持SSH连接 ssh远程连接会在无操作时自动断开连接.为了保持程序运行和连接,需要设置保持连接. 1.MobaXterm如果使用了MobaXterm客户端,那么需要在设置 ...

  2. Linux UserSpace Back-Door、Rootkit SSH/PAM Backdoor Attack And Defensive Tchnology

    catalog . 引言 . Pam后门 . SSH后门 . Hijacking SSH . Hijacking SSH By Setup A Tunnel Which Allows Multiple ...

  3. SSH Tunneling Explained

    转载: http://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/ March 21, 2012 by Buddhi ...

  4. Java ssh 访问windows/Linux

     Java ssh 访问windows/Linux 工作中遇到的问题: Java code运行在一台机器上,需要远程到linux的机器同时执行多种命令.原来采用的方法是直接调用ssh命令或者调用pli ...

  5. Cisco 学会使用Telnet、SSH

    实验目的:通过控制R1 后 , TELNET 到R2(12.1.1.2),R3(13.1.1.3)对R2,R3 进行远程管理. 在R1 上配置: R1#telnet 12.1.1.2 //从R1 TE ...

  6. java linux ssh jar

    Ganymed SSH-2 for Java http://www.ganymed.ethz.ch/ssh2/ Ganymed SSH-2 for Java is a library which im ...

  7. 转:linux 修改sftp服务默认提供者sshd的session timeout

    ssh连接超时问题解决方案: 1.修改server端的etc/ssh/sshd_config ClientAliveInterval 60 #server每隔60秒发送一次请求给client,然后cl ...

  8. Linux Overflow Vulnerability General Hardened Defense Technology、Grsecurity/PaX

    Catalog . Linux attack vector . Grsecurity/PaX . Hardened toolchain . Default addition of the Stack ...

  9. 网卡驱动引起openstack的mtu问题

    一套Pike版本的openstack测试环境,使用vlan模式的网络,数据网网卡使用的是绿联的usb百兆网卡,遇到了虚拟机网络异常的问题.同一个vlan下,不同宿主机上的两台虚拟机,相互之间可以pin ...

随机推荐

  1. 标准类型内建函数 type()介绍

    我们现在来正式介绍一下 type().在Python2.2 以前, type() 是内建函数.不过从那时起,它变成了一个“工厂函数”.在本章的后面部分我们会讨论工厂函数, 现在你仍然可以将type() ...

  2. TFSAPI

    Team Foundation Server (TFS)工具的亮点之一是管理日常工作项, 工作项如Bug, Task,Task Case等. 使用TFS API编程访问TFS服务器中的工作项, 步骤如 ...

  3. JSON(3)Google解析Json库Gson

    本文参考 : http://www.cnblogs.com/chenlhuaf/archive/2011/05/01/gson_test.html 1.资料 官网: http://groups.goo ...

  4. [HIHO1174]拓扑排序·一(拓扑排序)

    题目链接:http://hihocoder.com/problemset/problem/1174 题意:判断一个有向图是否有环,用拓扑排序,结论就是每次取出点的时候统计一下现在剩下几个点,最后没有剩 ...

  5. [转]微软联合CSDN英雄在线编程大赛

    2014 新年将至,微软联合CSDN英雄会共同举办本次第三届在线编程大赛,题目详情如下: 有一个字符串"iinbinbing",截取不同位置的字符‘b’.‘i’.‘n’.‘g’组合 ...

  6. UVa 1593 (水题 STL) Alignment of Code

    话说STL的I/O流用的还真不多,就着这道题熟练一下. 用了两个新函数: cout << std::setw(width[j]);    这个是设置输出宽度的,但是默认是在右侧补充空格 所 ...

  7. 戏(细)说Executor框架线程池任务执行全过程(下)

    上一篇文章中通过引入的一个例子介绍了在Executor框架下,提交一个任务的过程,这个过程就像我们老大的老大要找个老大来执行一个任务那样简单.并通过剖析ExecutorService的一种经典实现Th ...

  8. ui/ue设计师应该了解的原型设计软件

    前段实践整理过一些原型设计用的软件,这里分享一下,喜欢对更多的PM战线的童鞋有所裨益.(因为交互原型工具Axure ui设计师都很常用了,文中就不专门介绍了) 首先分下类: •1.交互原型(产品能做什 ...

  9. codevs 4927 线段树练习5

    赶在期末考试之前把这道傻逼题调了出来. #include<iostream> #include<cstdio> #include<cstring> #include ...

  10. 学习java之HashMap和TreeMap

    HashMap和TreeMap是Map接口的两种实现,ArrayDeque和LinkedList是Queue接口的两种实现方式.下面的代码是我今天学习这四个数据结构之后写的.还是不熟悉,TreeMap ...