Bug 742997
| Summary: | Configure ssh sessions to have a default timeout | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Perry Myers <pmyers> | |
| Component: | ovirt-node | Assignee: | Joey Boggs <jboggs> | |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | high | |||
| Version: | 6.2 | CC: | cshao, gouyang, leiwang, mburns, moli, ovirt-maint, sgordon, sgrubb, ycui, zdover | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | ovirt-node-2.2.3-1.el6 | Doc Type: | Bug Fix | |
| Doc Text: |
A previous version of Red Hat Enterprise Virtualization Hypervisor did not apply a default timeout for SSH sessions. The Hypervisor now terminates SSH sessions after 15 minutes of inactivity.
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 794870 (view as bug list) | Environment: | ||
| Last Closed: | 2012-07-19 14:15:55 UTC | Type: | --- | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 794870 | |||
|
Description
Perry Myers
2011-10-03 14:32:44 UTC
From sgrubb:
> The DISA STIG recommends 15 minutes.
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
A previous version of Red Hat Enterprise Virtualization Manager did not have default timeouts for ssh sessions.
Red Hat Enterprise Virtualization Manager now has a default timeout of five minutes for ssh sessions.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -1,3 +1,3 @@
-A previous version of Red Hat Enterprise Virtualization Manager did not have default timeouts for ssh sessions.
+A previous version of Red Hat Enterprise Virtualization Hypervisor did not have default timeouts for ssh sessions.
-Red Hat Enterprise Virtualization Manager now has a default timeout of five minutes for ssh sessions.+Red Hat Enterprise Virtualization Hypervisor now has a default timeout of five minutes for ssh sessions.
its actually 15 minutes (3 rounds of 5 min checks)
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -1,3 +1,3 @@
A previous version of Red Hat Enterprise Virtualization Hypervisor did not have default timeouts for ssh sessions.
-Red Hat Enterprise Virtualization Hypervisor now has a default timeout of five minutes for ssh sessions.+Red Hat Enterprise Virtualization Hypervisor now has a default timeout. It checks three times in intervals of five minutes for ssh session timeouts.
Tested on 6.2-20111010 build, ssh to rhevh host whole night, the session is still alive, can see the IDLE time is 15 hours already. # w 01:42:42 up 15:30, 3 users, load average: 0.02, 0.01, 0.00 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT admin pts/0 10.66.9.237 Tue10 15:09m 0.69s 0.01s /bin/bash /usr/libexec/ovirt-admin-shell admin pts/1 10.66.11.102 Tue10 15:08m 0.69s 0.00s /bin/bash /usr/libexec/ovirt-admin-shell admin pts/2 dhcp-65-158.nay. 01:29 0.00s 0.73s 0.06s sshd: admin [priv] What is your ssh client config, do you maybe have ServerAliveInterval set? (In reply to comment #10) > What is your ssh client config, do you maybe have ServerAliveInterval set? no, I have no ServerAliveInterval set in /etc/ssh/ssh_config. This is what we use: ClientAliveInterval 900 ClientAliveCountMax 0
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -1,3 +1,3 @@
-A previous version of Red Hat Enterprise Virtualization Hypervisor did not have default timeouts for ssh sessions.
+A previous version of Red Hat Enterprise Virtualization Hypervisor did not have default timeout for ssh sessions.
Red Hat Enterprise Virtualization Hypervisor now has a default timeout. It checks three times in intervals of five minutes for ssh session timeouts.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -1,3 +1,3 @@
-A previous version of Red Hat Enterprise Virtualization Hypervisor did not have default timeout for ssh sessions.
+A previous version of Red Hat Enterprise Virtualization Hypervisor did not apply a default timeout for SSH sessions.
-Red Hat Enterprise Virtualization Hypervisor now has a default timeout. It checks three times in intervals of five minutes for ssh session timeouts.+The Hypervisor now terminates SSH sessions after 15 minutes of inactivity.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
Diffed Contents:
@@ -1,3 +1 @@
-A previous version of Red Hat Enterprise Virtualization Hypervisor did not apply a default timeout for SSH sessions.
+A previous version of Red Hat Enterprise Virtualization Hypervisor did not apply a default timeout for SSH sessions. The Hypervisor now terminates SSH sessions after 15 minutes of inactivity.-
-The Hypervisor now terminates SSH sessions after 15 minutes of inactivity.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0741.html |