Disconnecting Inactive SSH Connections in Linux
SSH or Secure Shell is a cryptographic network protocol that establishes a secure connection between systems remotely. Any user can use this protocol to manage the system remotely but mainly system administrators use it because it transmits data over encrypted channels, which increases its security at a high level. SSH can be used to manage the system, move between files and folders, etc. To disconnect inactive or idle SSH connections we have to set the timeout period for an SSH within which if a server does not receive any request from the client then it will disconnect the connection.
Follow the steps to set the timeout period for an SSH connection:
Step 1: On the server, head over to the /etc/ssh/sshd_config configuration file.
$ sudo vi /etc/ssh/sshd_config
Step 2: Scroll and locate the following parameters and remove the ‘#’ symbol to uncomment it:
- ClientAliveInterval: Sets a timeout interval in seconds after which if no data has been received from the client, sshd will send a message through the encrypted channel to request a response from the client. In simple ways, the number of seconds that the server waits before sending a null packet to the client.
- ClientAliveCountMax: Sets the number of client alive messages which may be sent without sshd receiving any messages back from the client. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the session.
The timeout value is given by the product of the above parameters i.e.
Timeout value = ClientAliveInterval * ClientAliveCountMax
For example let’s define our parameter
ClientAliveInterval = 30
ClientAliveCountMax = 3
The Timeout value will be 30 seconds * 3 = 90 seconds. This is an equivalent of 1 minute and 30 seconds, which implies that your ssh session will remain alive for idle time of 1 minute 30 seconds without dropping.
Step 3: Once done, reload the “sshd” for the changes to come into effect.
$ sudo systemctl reload sshd