[CentOS] Force close on unattended SSH/SFTP connections

Yanagisawa, Koji

yanagik317 at netscape.net
Fri Nov 21 00:14:14 UTC 2008


Dear CentOS people,

I'm sure many have faced this before but I can't seem to figure this 
out.

I need unattended OpenSSH and its SFTP connections to be closed after a 
while (say, in 10 minutes).  This needs to override anything that could 
be done from the client side (ServerAliveInterval or keepalives a 
program like PuTTY can send).  I kind of understand it's not always 
easy to know when the client side is "unattended," but I'd like to know 
where people drew the line and what people did in the past.

ClientAliveInterval only seem to help reap connections when the client 
side is unreachable, so this doesn't really help.

TMOUT in shell achieves what I want with SSH, but this doesn't help 
with SFTP.  Setting net.ipv4.tcp_keepalive_probes to 0 kind of does 
what I want (ServerAliveInterval ruins it), and I'm not sure if that's 
generally accepted practice.

If this could be achieved in OpenSSH, that would be great, but if it 
needs to be some other way I'll be glad to find out...

Your insight appreciated,




More information about the CentOS mailing list