Keep-alive settings in ssh. Server side

Date: October 13th, 2009
Author: Stefan Batanov

In this tutorial I will explain what are the available configuration option for keeping your ssh alive.
I”m pretty sure that everyone of us using ssh on daily basis have received the annoying Connection reset by peer message and had to reconnect to the remote server. This is incredibly irritating when you happen to have a step stone connections established at first place.

There are two general ways to keep and ssh session from expiring. One of which is set the ssh daemon to keep active session to it opened and is the topic of this tutorial.

The alternative is to set this keep-alive option on the ssh client side. For more information how to configure the client side keep-alive in ssh check link.

The configuration file that we need to edit in most Linux distributions is located /etc/ssh/sshd_config.

You have to be root to edit this file. Open it with your favorite editor.

  1. vi /etc/ssh/sshd_config

Configuring SSH server option one

The first optition is with the TCPKeepAlive option. TCPKeepAlive – Specifies whether the system should send TCP keepalive messages to the other side. The default option is yes.

ClientAliveInterval – Specifies the time interval in second for which if no data is received from the client, ssh daemon will send a message requesting user response. Default is 0 which means that such packages will not be send. I recommend to set the interval to 60 seconds.
ClientAliveCountMax – Specifies the max retries of messages of the above type. If no response is received from the client in X subsequent messages the session will be considered idle.

  1. TCPKeepAlive yes

Configuring SSH server option two

ClientAliveInterval – Specifies the time interval in second for which if no data is received from the client, ssh daemon will send a message requesting user response. Default is 0 which means that such packages will not be send. I recommend to set the interval to 60 seconds.
ClientAliveCountMax – Specifies the max retries of messages of the above type. If no response is received from the client in X subsequent messages the session will be considered idle.

The main difference is that ClientAlive sends the messages over the encrypted tunnel and cannot be spoofed.

And finally to apply the changes you need to restart sshd.

  1. ClientAliveInterval 60
  2. ClientAliveCountMax 3
VN:F [1.9.18_1163]
Rating: 0.0/10 (10 votes cast)
Keep-alive settings in ssh. Server side, 0.0 out of 10 based on 10 ratings

One Response to “Keep-alive settings in ssh. Server side”

Leave a Reply