This article goes over how to configure your SSH server to make sure keep alives are active on the server. This applies to Linux Cloud and Dedicated solutions.
- Open /etc/ssh/sshd_config in your favorite text editor (e.g., vi, vim, nano)
- If there is already not a line with the ClientAliveInterval option, add it to the bottom of the fille. Here is an example: ClientAliveInterval 600. This will send a keep alive message to the client if it has not received SSH communication after 600 seconds. This keep alive is sent through the already established, encrypted connection. Hosting.com recommends configuring SSH with this value if you require SSH connections to remain open between your SSH cilent and server machines.
- You can also configure the max amount of messages to sent the client using ClientAliveCountMax. The default value is 3. For example, if you leave it at default, and use the example above, it would take 1800 seconds for the client to be disconnected. You can think of it like this:
- Disconnect Client After Inactive for this many seconds = ClientAliveCountMax * ClientAliveInterval
- You may also wish to configure a TCPKeepAlive value. An example would be something likeTCPKeepAlive Yes. This will send a TCPKeepAlives to the client machine. This should be setup if you're having issues with inactive SSH sessions that have been idling around for long periods of time. These sessions leave ghost users and consume server resources.
- Lastly, TCPKeepAlives are spoofable. This means you should lock down your system if you plan to use them, or malicious users can penetrate your system and cause your SSH connections to seem flaky. If you notice random disconnects in SSH, try disabling TCPKeepAlives and rely more on ClientAlive values in your SSH server configuration.
- The SSH server should be restarted after these settings are changed to take effect
