Re: OpenSSH not closing idle sessions.
- Date: Tue, 9 Apr 2019 16:01:20 +0100
- From: Thomas Pircher <thp+debian@xxxxxx>
- Subject: Re: OpenSSH not closing idle sessions.
Greg Wooledge wrote:
> Most people want the exact opposite of that.
I don't really know the OP's rationale, but terminating an idle ssh
session is a step in the requirements/guidelines (STIG [1]) for
hardening systems for the US Department of Defense.
> Basically, what you're asking for is directly hostile to any kind of
> sane operation of a computer.
I'm not going to defend this requirement, merely showing one example
where one would want (or would have to) configure the ssh server this
way.
> > ClientAliveInterval 5
This is the setting that the STIG ID RHEL-07-040320 in [2] suggests to
edit.
Thomas
[1] https://iase.disa.mil/stigs
[2] https://rhel7stig.readthedocs.io/en/latest/medium.html#v-72237-all-network-connections-associated-with-ssh-traffic-must-terminate-at-the-end-of-the-session-or-after-10-minutes-of-inactivity-except-to-fulfill-documented-and-validated-mission-requirements-rhel-07-040320