Wednesday, January 10, 2018

Automatically Disconnect Idle or Inactive SSH Sessions (After Few Minutes Of Inactivity)

https://www.2daygeek.com/automatically-disconnect-inactive-idle-ssh-sessions

We have written many articles about SSH hardening. Today we are going to explain another SSH hardening tip: how to disconnect idle or inactive SSH sessions automatically (after a few minutes of inactivity).
If you have been working in an SSH session for a long time and step away to the cafeteria for a cup of coffee but forget to disconnect the session, it is left open and unattended. Every Linux user should keep this in mind because it is a very sensitive issue.
If anyone makes changes there, there is no way to recover them. To avoid this kind of situation, I would advise you to follow the procedure below.

How To Configure SSH Automatic Disconnection?

Open the sshd_config file, located at /etc/ssh/sshd_config, and modify the settings below to disconnect idle SSH sessions after a few minutes of inactivity.
Find ClientAliveInterval and ClientAliveCountMax in the sshd_config file, uncomment the lines, then set ClientAliveInterval to 300 (5 mins) instead of 0 and set ClientAliveCountMax to 0.
# nano /etc/ssh/sshd_config

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
ClientAliveInterval 300
ClientAliveCountMax 0
#ShowPatchLevel no
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

Restart The SSH Service

After the modification, restart the ssh service for the change to take effect. If there is no activity in a user's ssh session, it will be disconnected automatically after 5 minutes.
For SysVinit System
# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
For systemd System
# systemctl restart sshd

Check Whether The Experiment Is Working Or Not

Everything has been done, and now we have to check whether this configuration works by logging in to two different sessions.
We are going to log in with the mageshm and root credentials, leave the mageshm session idle, and keep checking its status from the root session (every minute) to see what happens. See the output below for better understanding.
# w
 12:22:04 up 8 days, 22:16,  2 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    219.91.219.14    11:48    0.00s  0.10s  0.00s w
mageshm  pts/1    219.91.219.14    12:20    1:06   0.01s  0.01s -bash

# w
 12:23:05 up 8 days, 22:17,  2 users,  load average: 0.05, 0.01, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    219.91.219.14    11:48    0.00s  0.10s  0.00s w
mageshm  pts/1    219.91.219.14    12:20    2:07   0.01s  0.01s -bash

# w
 12:24:13 up 8 days, 22:18,  2 users,  load average: 0.01, 0.01, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    219.91.219.14    11:48    0.00s  0.10s  0.00s w
mageshm  pts/1    219.91.219.14    12:20    3:15   0.01s  0.01s -bash

# w
 12:25:29 up 8 days, 22:20,  2 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    219.91.219.14    11:48    0.00s  0.12s  0.02s w
mageshm  pts/1    219.91.219.14    12:20    4:31   0.01s  0.01s -bash

# w
 12:25:57 up 8 days, 22:20,  2 users,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    219.91.219.14    11:48    0.00s  0.12s  0.00s w
mageshm  pts/1    219.91.219.14    12:20    4:59   0.01s  0.01s -bash

# w
 12:26:00 up 8 days, 22:20,  1 user,  load average: 0.00, 0.00, 0.00
USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT
root     pts/0    219.91.219.14    11:48    0.00s  0.12s  0.00s w
The above output shows only one active SSH session, which is used by root. The other session, owned by mageshm, was disconnected automatically after 5 mins of inactivity. That’s why the last w command shows only 1 user.

How Does It Work?

This is done by setting the ClientAliveCountMax and ClientAliveInterval options in the sshd_config file.
ClientAliveCountMax – This sets the number of client alive messages that sshd may send without getting any response from the ssh client. By default ClientAliveCountMax is 3, and we set it to zero (0) for this experiment. If this threshold is reached while client alive messages are being sent, sshd will disconnect the client, terminating the session. This use of 0 relies on older OpenSSH releases: since OpenSSH 8.2, ClientAliveCountMax 0 disables connection termination instead.
ClientAliveInterval – This sets a timeout interval in seconds, in my case 300 seconds. If no data has been received from the client for 5 minutes, sshd will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client.
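
The following check is an added example, not part of the original article: it reads the two options from sshd_config text and reports what they do on a given OpenSSH version, since ClientAliveCountMax 0 stops disconnecting sessions from OpenSSH 8.2 onward. The function names sshd_value and idle_verdict, the sample text and the version numbers passed in are assumptions made for illustration; values are assumed to be plain seconds and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example: audit the global ClientAlive* settings in sshd_config text.

# Print the first global value of keyword $1 in config text $2, else default $3.
sshd_value() {
    printf '%s\n' "$2" | awk -v key="$1" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        /^[ \t]*#/ { next }                      # skip comment lines
        { gsub(/=/, " ") }                       # accept Keyword=value
        tolower($1) == "match" { exit }          # read the global section only
        tolower($1) == key && NF >= 2 { val = $2; exit }   # first value wins
        END { print val }'
}

# Args: config text, OpenSSH major version, minor version (caller-supplied).
# Prints one verdict line; returns 0 when some disconnect timer is active.
idle_verdict() {
    interval=$(sshd_value ClientAliveInterval "$1" 0)   # sshd default: 0
    count=$(sshd_value ClientAliveCountMax "$1" 3)      # sshd default: 3
    case "$interval$count" in
        *[!0-9]*) echo "UNKNOWN: non-numeric value"; return 2 ;;
    esac
    if [ "$interval" -eq 0 ]; then
        echo "OFF: no client alive messages are sent"; return 1
    fi
    if [ "$count" -eq 0 ]; then
        # OpenSSH 8.2 changed ClientAliveCountMax 0 to disable termination.
        if [ "$2" -gt 8 ] || { [ "$2" -eq 8 ] && [ "$3" -ge 2 ]; }; then
            echo "OFF: ClientAliveCountMax 0 disables disconnection on OpenSSH $2.$3"
            return 1
        fi
        echo "IDLE: session closed after ${interval}s without client data"
        return 0
    fi
    echo "UNRESPONSIVE: client dropped after $((interval * count))s without replies"
}

# Constructed sample: the two lines this article sets, plus a commented default.
SAMPLE='#TCPKeepAlive yes
ClientAliveInterval 300
ClientAliveCountMax 0'

idle_verdict "$SAMPLE" 5 3            # constructed version: an older release
idle_verdict "$SAMPLE" 8 2 || true    # same config on OpenSSH 8.2
```

On a live server, the text passed in can come from /etc/ssh/sshd_config and the version from the output of ssh -V.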

Check The mageshm SSH Session

When I cross-checked the mageshm ssh session, it had expired and showed the error message below.
PuTTY Fatal Error: Server unexpectedly closed network connection
