diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 27 |
1 files changed, 26 insertions, 1 deletions
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.114 2001/04/11 16:25:31 lebel Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.115 2001/04/13 22:46:54 beck Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -363,6 +363,31 @@ Specifies whether | |||
363 | should check for new mail for interactive logins. | 363 | should check for new mail for interactive logins. |
364 | The default is | 364 | The default is |
365 | .Dq no . | 365 | .Dq no . |
366 | .It Cm ClientAliveInterval | ||
367 | Sets a timeout interval in seconds after which if no data has been received | ||
368 | from the client, | ||
369 | .Nm | ||
370 | will send a message through the encrypted | ||
371 | channel to request a response from the client. This may only be | ||
372 | used on a server supporting only protocol version 2. The default | ||
373 | is 0, indicating that these messages will not be sent to the client. | ||
374 | .It Cm ClientAliveCountMax | ||
375 | Sets the number of client alive messages (see above) which may be | ||
376 | sent without | ||
377 | .Nm | ||
378 | receiving any messages back from the client. If this threshold is | ||
379 | reached while client alive messages are being sent, | ||
380 | .Nm | ||
381 | will disconnect the client, terminating the session. It is important | ||
382 | to note that the use of client alive messages is very different from | ||
383 | Keepalive (below). The client alive messages are sent through the | ||
384 | encrypted channel and therefore will not be spoofable. The TCP keepalive | ||
385 | option enable by Keepalive is spoofable. You want to use the client | ||
386 | alive mechanism when you are basing something important on | ||
387 | clients having an active connection to the server. | ||
388 | The default is value is 3. If you set ClientAliveInterval | ||
389 | (above) to 15, and leave this value at the default, unresponsive ssh clients | ||
390 | will be disconnected after approximately 45 seconds. | ||
366 | .It Cm DenyGroups | 391 | .It Cm DenyGroups |
367 | This keyword can be followed by a number of group names, separated | 392 | This keyword can be followed by a number of group names, separated |
368 | by spaces. | 393 | by spaces. |