I added the following two lines to my /etc/ssh/sshd_config file and did service ssh restart after adding them:
ClientAliveInterval 2 ClientAliveCountMax 5
In my /etc/ssh/ssh_config file I have this:
Host * ServerAliveInterval 0 ServerAliveCountMax 0Consequently I'd expect ssh localhost 'sleep 120; ls -latr' to timeout after 10s but it isn't. It's sleeping for 2m and then running ls -latr and I'm getting the output.
I even tried it with PuTTY using the "Remote command" option:
It worked there as well. Here are the PuTTY logs:
I'd expect to see 10x SH2_MSG_CHANNEL_REQUEST packets but instead I'm seeing 59x. Actually, I'm seeing twice that because, for whatever reason, the server seems to be sending two at a time, but whatever.
I'm running SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 as the PuTTY logs show.
Any ideas?
1 Answer
The keepalive settings that you've referenced (both client and server) aren't timeouts for the other side to send meaningful data. They're instead a check that the other side is still connected, even if it has no meaningful (non-empty) data to send. In fact, they're designed for exactly the case where the connection is otherwise idle but it should not be dropped.
In your case, the server is performing keepalives, and as long as the connection persists and the client keeps responding (which it will), the server will not drop the connection. You only need one side to perform keepalives to keep the connection open; turning them off on the client does not prevent the server from sending them and the client responding.
If your goal is to set a timer on a command such that it gets killed if it produces no output for a while, you need a different solution. SSH keepalives just prevent the connection from being reaped because it's otherwise idle.
2
