Clarification of sshd ClientAlive* settings
This document (000021602) is provided subject to the disclaimer at the end of this document.
Environment
Situation
ClientAliveCountMaxSets the number of client alive messages which may be sent without sshd(8) receiving any messages back from the client. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the session....The default value is 3. If ClientAliveInterval is set to 15, and ClientAliveCountMax is left at the default, unresponsive SSH clients will be disconnected after approximately 45 seconds. Setting a zero ClientAliveCountMax disables connection termination.
Resolution
Referring to the above settings, the connection is terminated 45 seconds AFTER sending the first client alive message that receives no response. However, since the first client alive message is sent after ClientAliveInterval seconds of client inactivity, this results in:
ClientAliveInterval + (ClientAliveInterval * ClientAliveCountMax) seconds since the last successful communication.
Applying the above settings, this effectively means that the connection is terminated 15 + (15 * 3) seconds = 60 seconds.
Additional Information
It should also be emphasized that saying "the last client message or activtity" is not equivalent to saying "the last user message or activity". Client Alive packets get answered silently by the ssh client code. Even if the user is idle, the client code can be responsive, and can answer Client Alive packets. In other words, the Client Alive mechanism is not intended to check on user idleness. It is a check on successful communication between the client and server. The Client Alive mechanism essentially detects if the client has died or if the network between server and client is no longer delivering packets.
Disclaimer
This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.
- Document ID:000021602
- Creation Date: 28-Oct-2024
- Modified Date:28-Oct-2024
-
- SUSE Linux Enterprise Server
For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com