Open SSH Server Connection Drops Out After Few or N Minutes of Inactivity
Author: NIXCRAFT
Published Date: October 16, 2006
Last Updated: October 16, 2006
Category: HOWTO, TIPS, TROUBLESHOOTING
If you’ve experienced your OpenSSH server connection dropping out after a few minutes or a specific period of inactivity, don’t worry; it’s not a bug but rather a security feature. This behavior is usually due to a packet filter or NAT (Network Address Translation) device timing out your TCP connection as a security measure. This issue typically occurs when using SSH protocol version 2.
To resolve this problem and prevent your SSH connection from being terminated after a period of inactivity, follow these steps:
Method 1: Adjust SSH Server Configuration
-
Open your SSH server configuration file for editing:
1
vi /etc/ssh/sshd_config
-
Modify the following settings:
-
ClientAliveInterval
: This sets a timeout interval in seconds (e.g., 30) after which, if no data has been received from the client, the SSH server (sshd) will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol version 2 only. -
ClientAliveCountMax
: This sets the number of client alive messages (e.g., 5) that may be sent without sshd receiving any messages back from the client. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the session.
Example configuration:
1 2
ClientAliveInterval 30 ClientAliveCountMax 5
-
-
Save and close the file.
-
Restart the SSH server to apply the changes:
1
/etc/init.d/ssh restart
OR
1
service sshd restart
Method 2: Adjust SSH Client Configuration
Alternatively, you can make adjustments on the client side (your workstation) by enabling the ServerAliveInterval
option in the SSH client’s configuration file.
-
Open the SSH client’s configuration file for editing:
1
vi /etc/ssh/ssh_config
-
Append or modify the following values:
-
ServerAliveInterval
: This sets a timeout interval in seconds. If no data has been received from the server within this interval, SSH will send a message through the encrypted channel to request a response from the server. -
ServerAliveCountMax
: This sets the maximum number of server alive messages that can be sent without receiving a response from the server before SSH disconnects.
Example configuration:
1 2
ServerAliveInterval 15 ServerAliveCountMax 3
-
-
Save and close the file.
With this configuration, if the server becomes unresponsive, SSH will disconnect after approximately 45 seconds. Remember that this option applies to protocol version 2 only.
For more information and additional configuration options, refer to the man pages of ssh
, sshd
, and sshd_config
/ssh_config
.
Please note that the article was originally published on October 16, 2006. While the information provided here is still relevant, it’s essential to consider any updates or changes in SSH configuration options that may have occurred since then.