How do you configure SSH keep-alive to prevent sessions from timing out?

Linux VPS
Secure Shell (SSH) is a way to connect two computers over a network safely. People often use it to control Linux servers from far away. But sometimes, your SSH connection can drop because of network problems or downtime. This can be annoying, especially if you're doing something that takes a long time and needs a steady connection. In this article, we will talk about different ways to keep an SSH session active on Linux.
 

Why does SSH close a connection?

To connect to a server using SSH, the ssh daemon (sshd) must be running on the server. If the client doesn't send data to the server regularly, the server will close the connection after some time.

To stop the server from closing the SSH connection, we can change settings in a config file on either the client or the server.

How do you set up the Configuration File (config file)?

SSH connections can stop working because of unstable networks, inactivity, or strict firewalls. This can interrupt your work and cause inconvenience or even data loss. To avoid these problems, it's essential to use methods that keep your SSH sessions active and stable.

Depending on whether you're on the client or server side, you can update a couple of files to help prevent an SSH session from timing out.

 

Adjusting Client-Side Settings

1. Enabling SSH Keep-Alive

You can activate the built-in SSH keep-alive feature to prevent SSH connection timeouts. This involves configuring your SSH client to send regular keep-alive messages to the server, ensuring an active connection, and avoiding disconnection due to inactivity.

Here's how to enable SSH keep-alive:

Step 1: Open your SSH client configuration file, usually found at ~/.ssh/config.

Step 2: Add the following lines to the file:

Host *

    ServerAliveInterval 60

Step 3: Save the configuration file.

In this example, the ServerAliveInterval setting specifies how often (in seconds) the client sends keep-alive messages. Adjust this value based on your needs. It's best to keep the interval short enough to maintain responsiveness without overwhelming the server.

2. Dealing with Unstable Networks

Even with good settings, unstable networks can still cause problems with SSH connections. However, SSH multiplexing can reduce these issues.

What is SSH Multiplexing?

SSH multiplexing lets you reuse an existing SSH connection for multiple sessions instead of making new connections each time. This helps minimize the impact of network instability and lowers the time needed to set up connections.

To turn on SSH multiplexing, do these steps:

Step 1: Open your SSH client settings file (~/.ssh/config).

Step 2: Put these lines in the settings file:

Host *

    ControlMaster auto

    ControlPath ~/.ssh/master-%r@%h:%p

    ControlPersist 5m

Step 3: Save the settings file.

In this example, ControlMaster allows sharing SSH connections, ControlPath shows where the control socket for multiplexing is, and ControlPersist sets how long the control connection stays open after the last session ends. Adjust ControlPersist as needed.

 

Adjusting Server-Side Settings

While setting up client-side keep-alive is important, tweaking server-side settings can also help maintain a steady SSH connection. Adjusting the server's idle timeout and TCP keep-alive settings can make your SSH sessions more reliable and responsive.

1. Changing Idle Timeout

SSH servers often disconnect idle sessions after a certain period. To prevent this, you can adjust the server's idle timeout setting.

To change the idle timeout:

Step 1: Find the SSH server configuration file, usually at /etc/ssh/sshd_config.

Step 2: Open this file with a text editor (nano or vim).

Step 3: Look for the lines that mention ClientAliveInterval and ClientAliveCountMax.

Step 4: Modify these values to suit your needs. For example:

ClientAliveInterval 300

ClientAliveCountMax 3

Step 5: Save the configuration file and restart the SSH server to apply the changes.

# systemctl restart sshd

In the example above, ClientAliveInterval sets how often (in seconds) the server sends messages to the client to check if it's still active. ClientAliveCountMax determines how many unanswered messages are allowed before the server ends the connection.

2. Adjusting TCP Keep-Alive

TCP keep-alive is a network feature that identifies inactive or failed connections. By tweaking TCP keep-alive settings, you can help the SSH server quickly recognize and end connections that aren't responding.

To adjust TCP keep-alive:

Step 1: Find the SSH server configuration file (/etc/ssh/sshd_config).

Step 2: Look for the TCPKeepAlive option and set it to yes if it's not already enabled.

TCPKeepAlive yes

Step 3: Save the configuration file and restart the SSH server to apply the changes.

# systemctl restart sshd

Conclusion

Keeping your SSH connections stable and steady is important for managing remote servers effectively. This guide mentions methods for maintaining smooth connections and boosting productivity, such as setting up SSH keep-alive, adjusting server settings, and using SSH multiplexing.