inactivity timeout or disconnect

Ming-Ching Tiew mingching.tiew at redtone.com
Wed Sep 3 16:47:45 WST 2008


Cristian Ionescu-Idbohrn wrote:
> On Wed, 3 Sep 2008, Ming-Ching Tiew wrote:
> 
>> Ming-Ching Tiew wrote:
>>> I am using dropbear as sshd server and dbclient as ssh client
>>> and I do reverse port forward between the client and the server
>>> ( ie it does not start shell ). That has been working.
>>> 
>>> And I want to have an activitity disconnect after certain
>>> period of inactivity from the client. How can I do it ?
>>> 
>> 
>> I did some search, and I have come to conclusion that
>> dropbear could not do it, and openssh daemon could
>> not do it too ! I am surprised !
>> 
>> Anyone as a workaround ?
> 
> Take a look at the ssh_config man page and look for caseless 'alive'
> string.
> 
>   ServerAliveCountMax
>   ServerAliveInterval
>   TCPKeepAlive
> 

They aren't the same thing as "inactivity timeout" or "idle timeout".
Those parameters serves these purposes :-

1. Keep connection alive for the purpose of firewalling.
2. Disconnect if there is a stale connection due to network
    failure.

And so on. That's more or less the same as dropbear's -K 
( keepalive ) option.

But on a perfect network, the keepalive will continue to
allow session to be maintained even though there is 
no user-level activity and so it will not disconnect 
the session.

Base on the document I read, ssh1 does have a "IdleTimeOut"
parameter but unfortunately, when openssh is written, 
there is no more such implementation.
 
Regards.



More information about the Dropbear mailing list