Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Create ssh disconnect message

  1. #1
    Join Date
    Nov 2012
    Beans
    9

    Create ssh disconnect message

    Hi all (new to the forums here), two questions if anyone can help.

    I have a message for ssh logins in /etc/issue.net. Is it possible to create a message that is shown to a logged in client when their session times out?

    And although frowned upon, is a login as root over ssh also disconnected?

    Thanks.

  2. #2
    Join Date
    Sep 2006
    Beans
    7,629
    Distro
    Lubuntu Development Release

    Re: Create ssh disconnect message

    There's not anyway to have a timeout message that I know of, but it is possible to reduce the likelihood of session timeouts by changing settings for either the client or server. On the server side you could set ClientAliveCountMax and ClientAliveInterval. On the client side you can set ServerAliveCountMax and ServerAliveInterval. Either of these will keep a heatbeat signal to try to prevent the connection from timing out.

    You can shutoff remote root login by changing PermitRootLogin to "no" in /etc/ssh/sshd_config

  3. #3
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Create ssh disconnect message

    Quote Originally Posted by Lars Noodén View Post
    There's not anyway to have a timeout message that I know of, but it is possible to reduce the likelihood of session timeouts by changing settings for either the client or server. On the server side you could set ClientAliveCountMax and ClientAliveInterval. On the client side you can set ServerAliveCountMax and ServerAliveInterval. Either of these will keep a heatbeat signal to try to prevent the connection from timing out.

    You can shutoff remote root login by changing PermitRootLogin to "no" in /etc/ssh/sshd_config
    +1.

    Another thing you can do is allow login to the root account with keys only, but it is usually easier to just login as something who has sudo rights and do it that way.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #4
    Join Date
    Nov 2012
    Beans
    9

    Re: Create ssh disconnect message

    Thanks for the replies.

    Ok, so I cannot define my own disconnect message.

    I think you misunderstood by query about root. If we assume (for this example) that ClientAliveInterval is 60, users will be logged out if they are idle for 60 seconds (assuming ClientAliveCountMax is 0); but my question is will root also be logged out if he/she is idle for 60 seconds? It dosen't appear so.

  5. #5
    Join Date
    Sep 2006
    Beans
    7,629
    Distro
    Lubuntu Development Release

    Re: Create ssh disconnect message

    Quote Originally Posted by mbonlineuser View Post
    Thanks for the replies.

    Ok, so I cannot define my own disconnect message.

    I think you misunderstood by query about root. If we assume (for this example) that ClientAliveInterval is 60, users will be logged out if they are idle for 60 seconds (assuming ClientAliveCountMax is 0); but my question is will root also be logged out if he/she is idle for 60 seconds? It dosen't appear so.
    It's the other way around. ClientAliveInterval helps prevent the users, including root, from being logged out if they are idle. It sets the number of seconds between "I'm Alive" messages sent out. ClientAliveCountMax is the number of those messages that can go missing before the server decides that the connection is dead.

    http://manpages.ubuntu.com/manpages/..._config.5.html

    The default is for the SSH server not to be sending such messages and thus an idle connection will eventually time out.

  6. #6
    Join Date
    Nov 2012
    Beans
    9

    Re: Create ssh disconnect message

    Thanks Lars but this is what I don't understand, a normal test user is logged out after the interval but root is not?

  7. #7
    Join Date
    Sep 2006
    Beans
    7,629
    Distro
    Lubuntu Development Release

    Re: Create ssh disconnect message

    Quote Originally Posted by mbonlineuser View Post
    Thanks Lars but this is what I don't understand, a normal test user is logged out after the interval but root is not?
    I have a few instances of ssh running but can't get them to time out. I even have ClientAliveInterval set to 0 on the server. Though I have seen that problem of timeout on other systems in the past.

  8. #8
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Create ssh disconnect message

    Quote Originally Posted by Lars Noodén View Post
    I have a few instances of ssh running but can't get them to time out. I even have ClientAliveInterval set to 0 on the server. Though I have seen that problem of timeout on other systems in the past.
    Mine will time out after somewhere between 30 and 60 minutes, if I leave them idle. I usually run htop or top if I am working on something thru a tunnel, so the original session doesn't disconnect.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  9. #9
    Join Date
    Sep 2006
    Beans
    7,629
    Distro
    Lubuntu Development Release

    Re: Create ssh disconnect message

    Quote Originally Posted by CharlesA View Post
    Mine will time out after somewhere between 30 and 60 minutes, if I leave them idle. I usually run htop or top if I am working on something thru a tunnel, so the original session doesn't disconnect.
    You can add ServerAliveInterval 60 to your config file in ~/.ssh/config for those particular hosts. That should keep the session from timing out. Though top is nice, too.

  10. #10
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: Create ssh disconnect message

    Quote Originally Posted by Lars Noodén View Post
    You can add ServerAliveInterval 60 to your config file in ~/.ssh/config for those particular hosts. That should keep the session from timing out. Though top is nice, too.
    Thanks. I've accidentally left top or htop running and found the same session was still running the next day. O_o
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •