5 Replies Latest reply on May 1, 2015 7:18 AM by jims

    Preventing SSH from timing out?

    jims New Member

      Hi.  I picked up a pair of 2nd Gen 908e's and I'm trying to figure out how to prevent my SSH sessions from timing out.  According to the AOS manual, the line-timeout command should modify it but they drop after 4 minutes of inactivity.  This is my SSH config;  


      line ssh 0 4

        login local-userlist

        line-timeout 1440

        no shutdown


      I tried adding a ServerAliveInterval to my SSH client but it didn't help.  Am I missing another setting?




        • Re: Preventing SSH from timing out?
          jayh Hall_of_Fame

          Look for an intermediate firewall between your workstation and the unit with a short TCP session timeout setting. 

            • Re: Preventing SSH from timing out?
              jims New Member

              I think you're on to something, Jay.  If I start at the workstation mentioned above, but SSH into an Asterisk server on the same subnet as the TA908e and THEN SSH into the TA908e the connection doesn't drop.  Something with my (intranet) router doesn't agree with Adtran's SSH server.



            • Re: Preventing SSH from timing out?
              david Employee



              I went ahead and flagged this post as "Assumed Answered".  If the response on this thread assisted you, please mark it as Correct or Helpful as the case may be with the applicable buttons.  This will make it visible and help other members of the community find solutions more easily.  If you still need assistance, I would be more than happy to continue working with you on this - just let me know in a reply.




              • Re: Preventing SSH from timing out?
                ricvil New Member

                I will jump in here because I had the same problem and could not find an answer that worked.  Setting the line-timeout parameter worked fine for any value under 10 minutes.  Above that it simply did not work and the session was terminated.


                It turns out that if you have the firewall enabled there is another parameter that terminates sessions at 10 minutes.  It is called 'ip policy-timeout'.  What you need to do is set it to whatever you want (in addition to setting the line-timeout value).


                ip policy-timeout [tcp | udp] <port> <timeout>


                So it would look like:


                ip policy-timeout tcp 22 28800


                Its in seconds so 28800 secs = 8 hours.


                Hope this helps somebody else.