Host *
ServerAliveInterval 240
That's how often, in seconds, ssh will send a keepalive request (at the application layer)
to the other end if the connection's been otherwise idle. 4 minutes should be good :-).
The Host line lets you pattern match your destinations. Minimal effort, no impact to your
system (say, as you would have if you mucked with your system's default TCP keepalive
settings), and it works like a charm.
Latest Article
What is this place?
Subscribe in a reader
Subscribe via e-mail
To the owner of kehlet.com
Steve Kehlet's Pages
Copyright (c) 2003-2010 Steven Kehlet
Copyright (c) 2003-2010 Steven Kehlet
Keeping Your SSH Sessions Alive Through Pesky NAT Firewalls
Fri Jun 3rd 2005, 1:12pm
NAT firewalls like to time out idle sessions to keep their state tables clean and their
memory footprint low. Some firewalls are nice, and let you idle for up to a day or so;
some are gestapo and terminate your session after 5 minutes. I finally got tired of my
ssh sessions getting disconnected at places where I don't control the firewalls, and
figured out how to stop it. Turn out ssh has a nice inband keepalive mechanism, and even
lets you set it on a per-destination basis. Just create a ~/.ssh/config file with
something like the following (* will match any host, if you wanted you could restrict this
to particular destinations like *kehlet.cx):
Visitor comments
On Mon Jul 11th 2005, 12:57am, Rajesh Pandey posted:
Can I know more about this.
I want to keep my session alive to log in the hrs on an education portal.
What should I actually do as I am a starter.
Thanks.
Rajesh Pandey
I want to keep my session alive to log in the hrs on an education portal.
What should I actually do as I am a starter.
Thanks.
Rajesh Pandey
On Mon Jul 11th 2005, 5:47pm, Steve Kehlet posted:
These instructions are for Unix systems and OpenSSH. Just create the
directory ".ssh" in your home directory, if it doesn't already
exist, and create a file inside called "config" with the
following two lines:
Host *
ServerAliveInterval 240
(Be sure to indent that second line with at least one space). This should help if your session is getting timed out by a firewall.
Beyond this I would refer you to the OpenSSH documentation at www.openssh.org.
Host *
ServerAliveInterval 240
(Be sure to indent that second line with at least one space). This should help if your session is getting timed out by a firewall.
Beyond this I would refer you to the OpenSSH documentation at www.openssh.org.
On Wed Sep 7th 2005, 11:22pm, Joel posted:
It should be mentioned that the user and group owners of the ~/.ssh/config
file should be the same as ~/.ssh/known_hosts
Also, does anybody know if this option can be added to any of the files in /etc/ssh/ to make it system wide?
Also, does anybody know if this option can be added to any of the files in /etc/ssh/ to make it system wide?
On Thu Sep 8th 2005, 11:51am, Steve Kehlet posted:
Hi Joel. Sure, you can put ServerAliveInterval in the system-wide config
file, a user config file, or on the ssh command line (with -o). See
http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config
On Fri Feb 10th 2006, 6:26pm, Ryan posted:
I did what mentioned above, but got an error when i use ssh:
/home/some_user/.ssh/config: line 2: Bad configuration option: ServerAliveInterval
/home/some_user/.ssh/config: line 3: Bad configuration option: ServerAliveCountMax
/home/some_user/.ssh/config: terminating, 2 bad configuration options
/home/some_user/.ssh/config: line 2: Bad configuration option: ServerAliveInterval
/home/some_user/.ssh/config: line 3: Bad configuration option: ServerAliveCountMax
/home/some_user/.ssh/config: terminating, 2 bad configuration options
On Fri Feb 10th 2006, 8:32pm, Steve Kehlet posted:
Ryan, the version of ssh you have installed is probably too old to support
this feature. If you can, try upgrading.
On Mon Dec 10th 2007, 4:26pm, Raffaella posted:
Pardon my ignorance but where exactly should I create the .ssh/config file
(with the lines "Host *" and "ServerAliveInterval
240")? On the local computer (a MacBookPro) that I use to connect to
the remote host (a linux machine) or on the remote host?
Thanks :)
Thanks :)
On Mon Dec 10th 2007, 5:29pm, Steve Kehlet posted:
Raffaella, put the config file underneath the directory ".ssh"
(which may or may not already exist), underneath your home directory. If
.ssh doesn't already exist you'll need to create it in a Terminal window
("mkdir .ssh").
On Sat Nov 29th 2008, 7:13am, Visitor posted:
What didn't you understand about his fucking question???!!! REMOTE or
LOCAL?
On Sat Nov 29th 2008, 4:24pm, Steve Kehlet posted:
On the local computer. Hope this clears up any confusion.
On Mon Jan 19th 2009, 5:14pm, Roger posted:
Thanks for posting this Steve. And I must say that you have an
unbelievable level of cool to actually respond to that last jerk (and
politely too!).
On Wed Aug 12th 2009, 9:51am, Who posted:
LOL @ VISITOR
On Tue Sep 8th 2009, 11:50pm, 0xdeadbeef posted:
If you happen to be using the PuTTY SSH client on a M$ Windows system,
there is a "Seconds between keepalives" option (disabled by
default) in the "Connection" configuration node.
On Mon Oct 26th 2009, 2:56pm, Visitor posted:
If you're using SecureCRT, you can edit the Global Options (Edit Default
Settings button). The "Terminal" tab has an anti-idle section. I
set mine to "Send protocol NO-OP" every 60 seconds.
On Wed Mar 10th 2010, 12:25pm, Adam Monsen posted:
Very helpful. Thank you!
On Sat Oct 9th 2010, 10:09am, Visitor posted:
I have the following in ~/.ssh/config
Host *
ServerAliveInterval 14400
I did ssh to a remote host, left the terminal idle, and found it frozen when I came back after about 30min. What else could be wrong?
Host *
ServerAliveInterval 14400
I did ssh to a remote host, left the terminal idle, and found it frozen when I came back after about 30min. What else could be wrong?
On Mon Oct 11th 2010, 11:20am, Steve Kehlet posted:
Visitor, I'd suggest trying a smaller value than 14400, maybe 60 or so. If
you wanted you could then try increasing that number and testing with
increasingly longer idle times to see where the cutoff is. Personally, in
this day and age, I don't care much about junk traffic on the wires so
60sec isn't bad.
On Mon Oct 18th 2010, 3:24am, Colin 't Hart posted:
14400 = 4 hours, so it's not surprising that your session has timed-out
after 30 minutes :-)
Set ServerAliveInterval to 60 as Steve suggested.
Set ServerAliveInterval to 60 as Steve suggested.
On Mon Jan 10th 2011, 8:22am, Visitor posted:
Thank you for this post!
On Sat Apr 30th 2011, 5:24pm, theodore posted:
Thanks, this is this most straightforward (and complete) explanation I've
been able to find.
On Thu Jul 7th 2011, 9:58am, Simone posted:
six years old and still useful. Thank you for this post Steve
On Tue Jul 12th 2011, 11:12am, Melli posted:
Finally a solution to the problem that's been driving me nuts since I got a
new modem. Thanks Steve!
On Tue Jul 12th 2011, 5:07pm, Steve Kehlet posted:
Thanks everyone, glad you found this useful.
On Tue Sep 6th 2011, 11:37am, Arda Gozubuyukoglu posted:
If you are using OpenSSH there is an option called
"ClientAliveInterval" and its working quite good
just change it
From:
#ClientAliveInterval 0
To:
ClientAliveInterval 30
Regards,
Arda
just change it
From:
#ClientAliveInterval 0
To:
ClientAliveInterval 30
Regards,
Arda
On Tue Sep 6th 2011, 11:38am, Arda Gozubuyukoglu posted:
Sorry, I forgot to tell , it is in the global configuration of ssh
(sshd_config) under etc/sshd