Abstract: This article is mainly to help students who are new to Linux. In some specific cases, it is necessary to set the expiration time of the session connection TMOUT. This article uses xshell for session connection operations.
The purpose of this article is to modify the environment variables to set the expiration time of the session. Before this, I have tested setting up xshell to reconnect and keep active, but neither can extend the expiration time of the session.
Settings in Xshell
Set on the server side
First enter the command: switch to the ssh directory
cd /etc/ssh
Modify the sshd_config file command in the ssh directory:
vim sshd_config
Find ClientAliveInterval 0 and ClientAliveCountMax 3 and remove the comment symbol ("#"),
Change the 0 corresponding to ClientAliveInterval to 60. ClientAliveInterval specifies the time interval for the server to request messages from the client. The default is 0, which is not sent.
ClientAliveInterval 60 indicates that it is sent once per minute, and then the client responds, thus maintaining a long connection.
ClientAliveCountMax, just use the default value of 3. ClientAliveCountMax means that the client will automatically disconnect after the server sends a request and the number of times the client does not respond reaches a certain value.
Restart the ssh service: service sshd restart
In fact, whether the above is on the xshell client or the server, you only need to set one place. If the above method does not work, then you need to continue to look below.
Learn what TMOUT is
TMOUT is a system environment variable used to set the user's login session timeout. It determines that the system will automatically terminate the user's session and log the user out after a period of inactivity.
Why set the expiration time of TMOUT
Setting the expiration time of the TMOUT environment variable is mainly for security and resource management considerations.
Security: In some cases, users may forget to log off or move away from their computer, but their session remains active. In this case, others can gain unauthorized access by gaining access to the session. By setting an expiration time on the TMOUT environment variable, the system can automatically terminate idle sessions and log off users, thereby reducing the risk of unauthorized access.
Resource management: Keeping idle sessions for a long time may occupy system resources, such as memory, processes, etc. Especially in a server environment, when a large number of users log in at the same time, idle sessions will occupy valuable system resources and may affect system performance and availability. By setting the expiration time of the TMOUT environment variable, you can force idle sessions to automatically log off and release system resources in time.
Setting an expiration time also helps reduce the opportunity for attackers to exploit a long idle session for malicious activity, as they will not be able to maintain continued access until the session times out.
Check the value of system TMOUT
First of all, we can use the command to see how long the TMOUT of the current terminal expires.
Order
echo $TMOUT
Solution
(1) Method 1: Only set the connection duration of the session of the currently opened terminal
Command: unit seconds (s)
export TMOUT=value
Note: There should be no spaces on both sides of the equal sign to cause an error; this setting is only valid for the current terminal. The next time you connect to this IP terminal, the expiration time of TMOUT will still be the expiration time of TMOUT set globally. If you want to open it later without resetting the expiration time of this session through the above command, then you can refer to option 2 to set the global TMOUT expiration time. It will automatically disconnect after reaching the value we set.
(2) Method 2: Set the global TMOUT session expiration time
First find the global configuration TMOUT file, usually in the ect directory, so when we connect to the terminal, directly enter the following command:
cd /etc
Switch to this directory, then find the profile file, and enter the command:
vim profile (edit files)
Enter this file, find the export TMOUT= value and change this value to the time you want to expire, and the unit is also seconds (s). Save and exit.
Note : There is no space on both sides of the equal sign of the TMOUT= value.
Execute the following command: effective immediately
source /etc/profile
Note: When TMOUT is set to 0 (zero), the terminal session will never time out and will not automatically log the user out. This means that a terminal session can remain active until the user manually logs out or closes the session.