Configure OpenSSH to disconnect idle SFTP clients

ssh sftp openssh

How to configure sftp-server subsystem specified in /etc/ssh/sshd_config to disconnect idle SFTP clients.

Neither sshd_config manual nor nor the sftp-server manual have info to configure such parameter for the subsystem.


Solution 1:

Until OpenSSH 8.2, you could abuse ClientAliveInterval and ClientAliveCountMax 0 to disconnect idle clients:

ClientAliveInterval 60
ClientAliveCountMax 0

But this has been declared as a bug in 8.2 and is no longer working. Since 8.2, there's no way to disconnect the idle clients, only unresponsive clients.

I believe these days, most OpenSSH installations are still pre-8.2, so you might still be able to use this. But it may stop working after upgrade one day.

As @KamilMaciorowski suggested in a comment, a clever wrapper (script) over the sftp-server executable would do too. It won't even be difficult. It would ignore SSH keepalives though (what some may like, some not). And it will need the sftp-server binary (instead of the default internal-sftp), what makes it complicated to chroot the session

Related

FFmpeg command to find key frame closest to 3rd minute
Vim has unexpected key presses on startup, what could be causing this?
Can I backup all computers in my network to my server using free software or windows only? [closed]
Missing sharing tab on network properties
Windows 8 security policy "LAN Manager Authentication Level"
How to convert a Voluson 4D ultrasound scan (.V00 file) to a video?
Change Name/Description in windows context menu
Downloading yesterday files in PowerShell using WinSCP
How to recover the data from the crashed (external) hard disk drive (NTFS)?
Why do I get duplicated entries in my $PATH?
How to make WANem a Permanent Virtual Box VM
How to forward http request to a proxy server?