diff options
Diffstat (limited to 'ssh_config.5')
| -rw-r--r-- | ssh_config.5 | 69 |
1 files changed, 68 insertions, 1 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index dd72a98f..d1c7037d 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.389 2023/10/11 06:40:54 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.390 2023/10/11 22:42:26 djm Exp $ .Dd $Mdocdate: October 11 2023 $ .Dt SSH_CONFIG 5 .Os @@ -455,6 +455,73 @@ Multiple .Cm CertificateFile directives will add to the list of certificates used for authentication. +.It Cm ChannelTimeout +Specifies whether and how quickly +.Xr ssh 1 +should close inactive channels. +Timeouts are specified as one or more +.Dq type=interval +pairs separated by whitespace, where the +.Dq type +must be a channel type name (as described in the table below), optionally +containing wildcard characters. +.Pp +The timeout value +.Dq interval +is specified in seconds or may use any of the units documented in the +.Sx TIME FORMATS +section. +For example, +.Dq session=5m +would cause the interactive session to terminate after five minutes of +inactivity. +Specifying a zero value disables the inactivity timeout. +.Pp +The available channel types include: +.Bl -tag -width Ds +.It Cm agent-connection +Open connections to +.Xr ssh-agent 1 . +.It Cm direct-tcpip , Cm direct-streamlocal@openssh.com +Open TCP or Unix socket (respectively) connections that have +been established from a +.Xr ssh 1 +local forwarding, i.e.\& +.Cm LocalForward +or +.Cm DynamicForward . +.It Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com +Open TCP or Unix socket (respectively) connections that have been +established to a +.Xr sshd 8 +listening on behalf of a +.Xr ssh 1 +remote forwarding, i.e.\& +.Cm RemoteForward . +.It Cm session +The interactive main session, including shell session, command execution, +.Xr scp 1 , +.Xr sftp 1 , +etc. +.It Cm tun-connection +Open +.Cm TunnelForward +connections. +.It Cm x11-connection +Open X11 forwarding sessions. +.El +.Pp +Note that in all the above cases, terminating an inactive session does not +guarantee to remove all resources associated with the session, e.g. shell +processes or X11 clients relating to the session may continue to execute. +.Pp +Moreover, terminating an inactive channel or session does not necessarily +close the SSH connection, nor does it prevent a client from +requesting another channel of the same type. +In particular, expiring an inactive forwarding session does not prevent +another identical forwarding from being subsequently created. +.Pp +The default is not to expire channels of any type for inactivity. .It Cm CheckHostIP If set to .Cm yes , |