Configure Idle Log Out Timeout Interval for ssh

SUMMARY: Most of the time we configure the server with default setting and we don’t care how much time our ssh session is open, what ever we are doing on our PC. What I mean, to provide an opportunity to the hacker scripts and mail-ware to get access to the server. So we need to restrict the session to be closed after a certain period of idle time. I tried to explain how we can restrict our ssh session to close after a certain period of time and Configure Idle Log Out Timeout Interval for ssh.

You can configure your server to log out user automatically if the user is inactive for a long time in-order to set the security policy implemented.

Step-1: Login to your server as root and create a file autologout.sh in /etc/profile.d/ directory and enter the following code.

vim /etc/profile.d/autologout.sh

TMOUT=300

readonly TMOUT

export TMOUT

wq!

write and quit the file.

Step-2: Now set the permission of the file to be executed as a shell script.

chmod +x /etc/profile.d/autologout.sh

The script will implement 5 minutes idle timeout for /bin/bash shell default.

Step-3: How to deal with SSH Client

We can configure our ssh configuration for users to be logout after a certain idle time. We have to do some changes in the file /etc/ssh/sshd_config

vim /etc/ssh/sshd_config

Now find the ClientAliveInterval and set the value to 300 which is equal to 5 minutes of idle time.

ClientAliveInterval 300

ClinetAliveCountMax 0 # zero

Save and exit.

Step-4: Restart your ssh service and check the functionality is working properly.

service ssh restart

If there is any issue, Let us know through comments below we will try to guide you with our best efforts.

Leave a Reply

Your email address will not be published. Required fields are marked *