diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2024-01-09 23:19:00 +0100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2024-01-09 23:24:53 +0100 |
| commit | b31b12d28de96e1d43581d32f34da8db27e11c03 (patch) | |
| tree | 6656cf252c9fc0349b94ee49a3c2da91d096dc30 /ssh_config.5 | |
| parent | upstream: adapt ssh_api.c code for kex-strict (diff) | |
| download | openssh-b31b12d28de96e1d43581d32f34da8db27e11c03.tar.xz openssh-b31b12d28de96e1d43581d32f34da8db27e11c03.zip | |
upstream: add a "global" ChannelTimeout type to ssh(1) and sshd(8)
that watches all open channels and will close all open channels if there is
no traffic on any of them for the specified interval. This is in addition to
the existing per-channel timeouts added a few releases ago.
This supports use-cases like having a session + x11 forwarding channel
open where one may be idle for an extended period but the other is
actively used. The global timeout would allow closing both channels when
both have been idle for too long.
ok dtucker@
OpenBSD-Commit-ID: 0054157d24d2eaa5dc1a9a9859afefc13d1d7eb3
Diffstat (limited to 'ssh_config.5')
| -rw-r--r-- | ssh_config.5 | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 4bbdfefd1..15ad012f8 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.391 2023/10/12 02:18:18 djm Exp $ -.Dd $Mdocdate: October 12 2023 $ +.\" $OpenBSD: ssh_config.5,v 1.392 2024/01/09 22:19:00 djm Exp $ +.Dd $Mdocdate: January 9 2024 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -463,8 +463,10 @@ Timeouts are specified as one or more .Dq type=interval pairs separated by whitespace, where the .Dq type -must be a channel type name (as described in the table below), optionally -containing wildcard characters. +must be the special keyword +.Dq global +or a channel type name from the list below, optionally containing +wildcard characters. .Pp The timeout value .Dq interval @@ -473,11 +475,19 @@ is specified in seconds or may use any of the units documented in the section. For example, .Dq session=5m -would cause the interactive session to terminate after five minutes of +would cause interactive sessions to terminate after five minutes of inactivity. Specifying a zero value disables the inactivity timeout. .Pp -The available channel types include: +The special timeout +.Dq global +Applies to all active channels, taken together. +Traffic on any active channel will reset the timeout, but when the timeout +expires then all open channels will be closed. +Note that this global timeout is not matched by wildcards and must be +specified explicitly. +.Pp +The available channel type names include: .Bl -tag -width Ds .It Cm agent-connection Open connections to |