Configuring SSH clients for network firewalls - for users

Owned by Carol Lu (Deactivated)
Last updated: Nov 27, 2024 by Syed Sharaheel Hashmi
1 min read

For more information about this service, please see SSH Authman service.

Configuring SSH client timeouts

When a network session is transiting a firewall, the firewall may close sessions it deems idle - ones that have not sent packets for some time. People are most likely to notice this behaviour on long-lasting SSH sessions and may find that their connection is terminated earlier than they would like. This can be fixed with a configuration change on the client-side, which will cause it to send a "keepalive" packet at fixed intervals. IST recommends a 15-minute keepalive.

Windows

Using putty, edit the configuration for your session, and under Connection, change "Seconds between keepalives" to 900.

PuTTY configuration with categories (Session, Terminal, Window, and Connection). Connection is chosen and Seconds between keepalives box is set to 900

Unix/Linux/MacOS

The default SSH client for most Unix-like operating systems is OpenSSH. Versions of OpenSSH greater than 3.8 support the setting ServerAliveInterval. This can be configured globally or for individual hosts.

  • Edit your personal SSH configuration file (usually $HOME/.ssh/config) and add or modify the relevant line(s).

  • If you are running a version of OpenSSH older than 3.8, you should upgrade to a more recent version.

 

Related articles

Need help?

Contact the IST Service Desk online or 519-888-4567 ext. 44357.

Article feedback

If you’d like to share any feedback about this article, please let us know.