Secure Shell is a great means to manage remote Linux and UNIX systems, but a poor SSH server connection can be detrimental.
If a connection goes idle, you get disconnected. If you're logged in to one server, it's easy to reestablish the connection. If you're logged in to multiple servers simultaneously with a complicated connection, connection problems can turn into a real annoyance.
Connections must be handled wisely. Every connection uses system resources; to deal with resources as efficiently as possible, idle connections need to close. This is what happens when you experience frequent disconnects from your SSH server.
Two parameters for connections
The ClientAliveInterval parameter allows the Secure Shell Daemon (sshd) process to check periodically if a connection is still in use. If you set the value of this parameter to 300, for example, the SSH server checks if the connection is still actively in use every 300 seconds. By default, this will never happen -- after a couple of minutes of inactivity, SSH sessions get disconnected.
The ClientAliveCountMax setting lets the administrator specify how often the server verifies connection use. This value is a multiplier to the ClientAliveInterval parameter, meaning that (ClientAliveCountMax * ClientAliveInterval) defines the time that an SSH server session may be unused before the sshd automatically disconnects it. If the ClientAliveInterval is set to 300 and the ClientAliveCountMax setting is specified as 10, your session will stay open for 3000 seconds, even if nothing is happening in the session. Every time you do something in an active session, the timer restarts.
In some cases, server admins cannot access the SSH server settings and have to use similar settings on the SSH client. With Linux, use the configuration file /etc/ssh/ssh_config to apply it as a global setting, or ~/.ssh/config to apply it as a setting for an individual user. The parameters to set are ServerAliveInterval and ServerAliveCountMax, and they work exactly the same as the settings on the server.
The second parameter is TCPKeepAlive. Without this parameter, a connection may die undetected. The session is only released when the SSH process on the server stops, which can happen on a server reboot. As a client, you will experience a hanging session -- you don't return to the local shell environment and the only solution is to kill your SSH terminal window and start over again. Should this happen, you cannot restart the session by selecting the last command from the history list.
To manage this behavior, use TCPKeepAlive to ensure that SSH sessions will work much better and without interruption. This option has the function to monitor that connections still exist, and should it break, it will automatically disconnect.
About the author:
Sander van Vugt is an independent trainer and consultant based in the Netherlands. He is an expert in Linux high availability, virtualization and performance. He has authored many books on Linux topics, including Beginning the Linux Command Line, Beginning Ubuntu LTS Server Administration and Pro Ubuntu Server Administration.