HI,
According to user guide built-in ssh server can be configured to close idle sessions via idleConnectionTimeout conf variable.
Is there any recommended way to do the same with OpenSSH?
Is there any way to do the same via netconf-subsys adaptations?
Can any other configuration setup enforce idle connection termination from ConfD side?
BR,
Tasos
Hm, this question would probably be more suited for some OpenSSH -related forum. Anyway, I scanned the sshd_config(5) manual page but couldn’t find an equivalent parameter.
No to both, since the case where this timeout applies is when there is an established connection, but no open channels a.k.a. sessions. I.e. from ConfD’s point of view, this condition is invisible when using OpenSSH - it is only a matter of state within the sshd daemon.
However a major reason for having this parameter in ConfD is that this condition can occur “accidentally”, e.g. if there is a network breakage and a client reboot, and then those “orphaned” connections would stay around forever if not cleaned up by ConfD (there are other settings for idle timeout on open sessions). This case could probably be addressed by making use of the ClientAliveCountMax/ClientAliveInterval settings in OpenSSH. That won’t address the case of a client wasting resources by creating lots of connections without opening channels on them, though, but I don’t know if tthat is cause for concern.