On May 3, 2013, at 5:16 PM, Arthur Chance <free...@qeng-ho.org> wrote:
> On 05/03/13 15:28, Fleuriot Damien wrote: >> Hello list, >> >> >> >> I'm facing this unusual demand at work where we need to time out idle SSH >> connections for security purposes. >> >> I've checked the following options from sshd_config but none seems to fit my >> needs : >> TCPKeepAlive >> ClientAliveCountMax >> ClientAliveInterval >> >> >> Basically, I'm trying to defeat the use of the following client-side option: >> ServerAliveInterval 5 >> >> >> I'm afraid all I've hit now is dead ends. >> >> >> Has anyone ever had the same requirements before and, perhaps, found a >> solution to this ? > > There's an idletime parameter in login.conf which will log out idle users. > Normally sshd bypasses login, but the sshd config parameter UseLogin can > change that, although it disables X11Forwarding. > > Note: this is all from a quick perusal of the source and manuals, I've not > done it myself. > > -- > In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a > new race of servants. Called Uruk-Oh-Hai in the Black Speech, they > were cruel and delighted in torturing spelling and grammar. > > _Lord of the Rings 2.0, the Web Edition_ I've already tried using login.conf 's idle timeout option and was sad indeed that it didn't apply to SSH connections. It never occured to me that UseLogin might be involved thereā¦ I'll have a look at it as well, thanks for your help Arthur. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
