Force disconnect on unattended SSH/SFTP connections


I'm sure many have faced this before but I can't seem to figure this out.

I need unattended SSH/SFTP connections to close after a while (say, in 10 minutes). This needs to override anything that could be done from client side (ServerAliveInterval or keepalives programs like PuTTY can send).

ClientAliveInterval only seem to help reap connections when the client side is unreachable.

TMOUT helps if a shell is invoked, but this doesn't help with SFTP.

If this could be achieved in OpenSSH, that would be great, but if it needs to be some other way I'll be happy to know.

Your insight appreciated,
I've looked into this and can't easily be done. You'll have to patch packet.c in the openssh source, to not count a keepalive packet as a "real" packet.

See crypto/openssh/packet.c for starters.
SirDice said:
Set an idle time-out on the user's shell.

Tailing a log won't log you out in using an idle timeout on the shell. If your testing proves otherwise, I would be interesting in knowing that. My testing proved otherwise.