loading...

OpenSSH: Configuration To Keep Connection Alive (To Suppress Timeout)

nabbisen profile image Heddi Nabbisen Updated on ・2 min read

OpenSSH is "the premier connectivity tool for remote login with the SSH protocol" developed by the OpenBSD Project.

It has a very cool logo in which Puffy is really dressed to kill 😄

openssh-logo

Well, it's uncomfortable if the connections are killed frequently while maintaining servers.
This post shows how to configure to keep the connection alive.

✿ ✿ ✿

Thanks to rich documentation the OpenBSD project provides, the manuals, ssh_config and sshd_config, are very helpful.

The server/client alive messages are used in order to keep ssh connection alive.
They are sent between clients and servers to request a response.
Besides, they are sent through the encrypted channel. (It's nice!)

What to actually do is just to edit the config file about them in either a client or a server.
Of course, it's OK to edit both.

Case 1: Configuration In A Client

Edit the config file like this:

$ nvim ~/.ssh/config

Then, configure ServerAliveInterval :

ServerAliveInterval 60

ServerAliveInterval means a timeout interval in seconds.
The default value is 0, which indicates no messages to request a response are sent from a client to a server.

Optionally, cofiguration of ServerAliveCountMax is available:

ServerAliveCountMax 5

ServerAliveCountMax means the maximum counts to send the messages.
The default value is 3.

For example, with the above settings, the server alive messages work like these:

#1. When 60 seconds are passed, the 1st message is sent from the client to the server.

- Client: "Are you alive?"
- Server: "Yes, I am!"

#2. When 60 * 2 = 120 seconds are passed, the 2nd message is sent.
#3. When 60 * 3 = 180 seconds are passed, the 3rd message is sent.
#4. When 60 * 4 = 240 seconds are passed, the 4th message is sent.
#5. When 60 * 5 = 300 seconds are passed, the 5th message is sent.

After all, if the server becomes unresponsive, ssh will disconnect after approximately 300 seconds.

Case 2: Configuration In A Server

The server-side configuration is used for the client alive messages, whose settings are almost the same to the server ones.
The remarkable difference is that the alive messages are sent from the servers to the clients and the servers will receive any messages back from the clients.

Edit sshd_config like this:

# nvim /etc/ssh/sshd_config

Then, configure ClientAliveInterval / ClientAliveCountMax up to the required.

✿ ✿ ✿

Happy serving 🕊

Posted on by:

nabbisen profile

Heddi Nabbisen

@nabbisen

An ICT designer/developer and a security monk. "With a cool brain and a warm heart", I am challenging unsolved problems in our society. I use OpenBSD/Rust/etc.

Discussion

pic
Editor guide