如何在 Linux 中设置 SSH 无密码登录
CentOS/RHEL:如何缩小 LVM 根文件系统
查看更多教程 https://on  itroad.com

方法二

  1. 我们可以将 ClientAliveCountMax 值设置为 0,将 ClientAliveInterval 值设置为 10m 以实现相同的目的。
# vi /etc/ssh/sshd_config
ClientAliveInterval 10m          # 10 minutes
ClientAliveCountMax 0            # 0 times
  1. 设置好后重启ssh服务。
# service sshd restart

方法一和方法二的区别

这两种方法略有不同。
对于第一种方法,如果客户端处于非活动状态五分钟,sshd 将通过加密通道发送消息,这里称为客户端活动消息,以请求客户端响应。
sshd 守护进程最多将发送这些消息两次。
如果在发送客户端活动消息时达到此阈值,sshd 将断开客户端连接。

但是对于第二种方法,如果客户端处于非活动状态 10 分钟,sshd 将不会发送客户端活动消息并直接终止会话。

CentOS/RHEL:如何为ssh 自动注销设置超时时间

/etc/ssh/sshd_config 文件中有两个与 ssh 不活动相关的选项:

ClientAliveInterval
ClientAliveCountMax

所以超时值(timeout)是通过 ClientAliveInterval 乘以 ClientAliveCountMax 来计算的。

timeout interval = ClientAliveInterval * ClientAliveCountMax

这两个参数的含义可以在 sshd_config 的手册页中找到:

# man sshd_config
     ClientAliveCountMax
             Sets the number of client alive messages (see below) which may be sent without sshd(8) receiving any messages back from the client. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the session. It is important to note that the use of client alive messages is very different from TCPKeepAlive (below). The client alive messages are sent through the encrypted channel and therefore will not be spoofable. The TCP keepalive option enabled by TCPKeepAlive is spoofable.  The client alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive. The default value is 3. If ClientAliveInterval (see below) is set to 15, and ClientAliveCountMax is left at the default, unresponsive SSH clients will be disconnected after approximately 45 seconds. This option applies to protocol version 2 only.
     ClientAliveInterval
             Sets a timeout interval in seconds after which if no data has been received from the client, sshd(8) will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol version 2 only.

有两种方法可以配置不活动超时。
例如,在这篇文章中,我们将配置一个 10 分钟的自动注销间隔。

方法一

1.使用以下参数值在/etc/ssh/sshd_config文件中配置超时值。

# vi /etc/ssh/sshd_config
ClientAliveInterval 5m          # 5 minutes
ClientAliveCountMax 2           # 2 times
  1. 设置好后重启ssh服务。
# service sshd restart

这将使会话在 10 分钟内超时,因为 ClientAliveCountMax 值乘以 ClientAliveInterval 值。

日期:2020-09-17 00:12:20 来源:oir作者:oir
如何在 Linux 中设置 SSH 无密码登录
CentOS/RHEL:如何缩小 LVM 根文件系统

目录

Copyright © 2017-2019 OnITRoad.com All rights reserved.  桂ICP备20001160号-1  关于 | 隐私和政策