How to Keep Alive SSH Sessions

Many NAT firewalls time out idle sessions after a certain period of time to keep their trunks clean. Sometimes the interval between session drops is 24 hours, but on many commodity firewalls, connections are killed after as little as 300 seconds. To avoid having your SSH sessions become unresponsive after e.g. 5 minutes, do the following:

On Windows (PuTTY)

In your session properties, go to Connection and under Sending of null packets to keep session active, set Seconds between keepalives (0 to turn off) to e.g. 300 (5 minutes).

On Linux (ssh)

To enable the keep alive system-wide (root access required), edit/etc/ssh/ssh_config; to set the settings for just your user, edit~/.ssh/config (create the file if it doesn’t exist). Insert the following:

Host *

    ServerAliveInterval 300

    ServerAliveCountMax 2

You can also make your OpenSSH server keep alive all connections with clients by adding the following to /etc/ssh/sshd_config:

TCPKeepAlive yes
ClientAliveInterval 300

ClientAliveCountMax 2

These settings will make the SSH client or server send a null packet to the other side every 300 seconds (5 minutes), and give up if it doesn’t receive any response after 2 tries, at which point the connection is likely to have been discarded anyway.

From the ssh_config man page:

ServerAliveCountMax
Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. If this threshold is reached while server alive messages are being sent, ssh will disconnect from the server, terminating the session. It is important to note that the use of server alive messages is very different from TCPKeepAlive (below). The server alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable. The server alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive.

The default value is 3. If, for example, ServerAliveInterval (see below) is set to 15 and ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. This option applies to protocol version 2 only; in protocol version 1 there is no mechanism to request a response from the server to the server alive messages, so disconnection is the responsibility of the TCP stack.

ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received from the server, ssh(1) will send a message through the encrypted channel to request a response from the server. The default is 0, indicating that these messages will not be sent to the server, or 300 if the BatchMode option is set. This option applies to protocol version 2 only. ProtocolKeepAlives and SetupTimeOut are Debian-specific compatibility aliases for this option.

How to Keep Alive SSH Sessions的更多相关文章

  1. setting>SSH>sessions setting>勾选ssh Keepalive[ MobaXterm】设置保持SSH连接

    [ MobaXterm]设置保持SSH连接 ssh远程连接会在无操作时自动断开连接.为了保持程序运行和连接,需要设置保持连接. 1.MobaXterm如果使用了MobaXterm客户端,那么需要在设置 ...

  2. Linux UserSpace Back-Door、Rootkit SSH/PAM Backdoor Attack And Defensive Tchnology

    catalog . 引言 . Pam后门 . SSH后门 . Hijacking SSH . Hijacking SSH By Setup A Tunnel Which Allows Multiple ...

  3. SSH Tunneling Explained

    转载: http://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/ March 21, 2012 by Buddhi ...

  4. Java ssh 访问windows/Linux

     Java ssh 访问windows/Linux 工作中遇到的问题: Java code运行在一台机器上,需要远程到linux的机器同时执行多种命令.原来采用的方法是直接调用ssh命令或者调用pli ...

  5. Cisco 学会使用Telnet、SSH

    实验目的:通过控制R1 后 , TELNET 到R2(12.1.1.2),R3(13.1.1.3)对R2,R3 进行远程管理. 在R1 上配置: R1#telnet 12.1.1.2 //从R1 TE ...

  6. java linux ssh jar

    Ganymed SSH-2 for Java http://www.ganymed.ethz.ch/ssh2/ Ganymed SSH-2 for Java is a library which im ...

  7. 转:linux 修改sftp服务默认提供者sshd的session timeout

    ssh连接超时问题解决方案: 1.修改server端的etc/ssh/sshd_config ClientAliveInterval 60 #server每隔60秒发送一次请求给client,然后cl ...

  8. Linux Overflow Vulnerability General Hardened Defense Technology、Grsecurity/PaX

    Catalog . Linux attack vector . Grsecurity/PaX . Hardened toolchain . Default addition of the Stack ...

  9. 网卡驱动引起openstack的mtu问题

    一套Pike版本的openstack测试环境,使用vlan模式的网络,数据网网卡使用的是绿联的usb百兆网卡,遇到了虚拟机网络异常的问题.同一个vlan下,不同宿主机上的两台虚拟机,相互之间可以pin ...

随机推荐

  1. 如何添加或删除ubuntu用户和组【转】

    转自:http://blog.csdn.net/sin90lzc/article/details/7525670 在创建用户时,需要为新建用户指定一用户组,如果不指定其用户所属的工作组,自动会生成一个 ...

  2. 英语学习APP—百词斩

    英语学习APP-百词斩 1.简介: 百词斩是由成都超有爱科技有限公司针对英语学习开发的一款"图背单词软件".软件为每一个单词提供了趣味的配图和例句,让记单词成为一种乐趣. 百词斩覆 ...

  3. 《c程序设计语言》读书笔记--大于8 的字符串输出

    #include <stdio.h> #define MAXLINE 100 #define MAX 8 int getline(char line[],int maxline); voi ...

  4. HeadFirst Jsp 06 (会话管理)

    现在我们希望能够跨多个请求保留客户特定的状态. 现在, 模型中的业务只是检查请求中的参数, 并返回一个响应(建议), 应用中没有谁记得在当前请求之前与这个客户之间发生过什么. 与一个客户的整个会话期间 ...

  5. JAVA网络编程【转】出处不详

    网络编程 网络编程对于很多的初学者来说,都是很向往的一种编程技能,但是很多的初学者却因为很长一段时间无法进入网络编程的大门而放弃了对于该部分技术的学习. 在 学习网络编程以前,很多初学者可能觉得网络编 ...

  6. Cocos2d-x 开发手记

    1.所有的源文件统一新建到Classes里,否则无法找到源文件,这样也便于跨平台编译   2.绘图坐标系,与opengl采用相同坐标系,左下角为原点 纹理坐标系,以左上角为原点   3.最近有在学习C ...

  7. 51nod1262 扔球

    相关讨论里的答案:(by mint_my ) 1.反弹n次,那起点S,每次反弹点,终点S共连接n+1条边,那么原问题变为从S走n+1条边回到S,为令n=n+12.设步长为a条边,gcd(a,n)==1 ...

  8. 点滴积累【SQL Server】---SQL语句操作约束

    说明: --主键约束(Primary Key constraint):要求主键列的数据唯一,并且不允许为空. --唯一约束(Unique Constraint):要求该列唯一,允许为空,但只能出现一个 ...

  9. Strom Topology执行分析:worker数,Bolt实例数,executor数,task数

    在创建Storm的Topology时,我们通常使用如下代码:builder.setBolt("cpp", new CppBolt(), 3).setNumTasks(5).none ...

  10. checkbox美化;给div加上checked属性

    DIV的背景图修改 $("#isOpenmibao").css("backgroundImage", " url('../images/checkbo ...