[Bug 3172] Idle connections not closed automatically

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jun 2 15:56:27 AEST 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3172

--- Comment #2 from Stefan <stefan.laesser at omicronenergy.com> ---
Yes, I am testing by not passing keystrokes through the session.

Can you please tell me which settings are for closing idle sessions
then? :) 

All I have found on the internet, and even the CIS recommendation
(https://www.cisecurity.org/cis-benchmarks/), is to use these two
settings for closing idle connections automatically. 

Before using OpenSSH 8.2 we were running OpenSSH 7.9. With 7.9
everything worked as expected with ClientAliveCountMax=0 and
ClientAliveInterval=300 - any idle connection was closed automatically
after 5min. Since the update this does not work anymore. We did not
change anything in our sshd config.

In the OpenSSH 8.2 release notes I have found a bug fix regarding
ClientAliveCountMax which indicates a changed behavior
(https://bugzilla.mindrot.org/show_bug.cgi?id=2627)

 * sshd(8): make ClientAliveCountMax=0 have sensible semantics: it
   will now disable connection killing entirely rather than the
   current behaviour of instantly killing the connection after the
   first liveness test regardless of success. bz2627

That is why I have played around with ClientAliveCountMax but without
success.

Your help is really appreactiated - thank you.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list