sshd - time out idle connections

Arthur Chance freebsd at
Fri May 3 15:34:05 UTC 2013

On 05/03/13 15:28, Fleuriot Damien wrote:
> Hello list,
> I'm facing this unusual demand at work where we need to time out idle SSH connections for security purposes.
> I've checked the following options from sshd_config but none seems to fit my needs :
> TCPKeepAlive
> ClientAliveCountMax
> ClientAliveInterval
> Basically, I'm trying to defeat the use of the following client-side option:
> ServerAliveInterval 5
> I'm afraid all I've hit now is dead ends.
> Has anyone ever had the same requirements before and, perhaps, found a solution to this ?

There's an idletime parameter in login.conf which will log out idle 
users. Normally sshd bypasses login, but the sshd config parameter 
UseLogin can change that, although it disables X11Forwarding.

Note: this is all from a quick perusal of the source and manuals, I've 
not done it myself.

In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a
new race of servants. Called Uruk-Oh-Hai in the Black Speech, they
were cruel and delighted in torturing spelling and grammar.

		_Lord of the Rings 2.0, the Web Edition_

More information about the freebsd-questions mailing list