SSH session timeout in Checkpoint NG/NGX

Ever found yourself swearing when, in the middle of a fw monitor / debug session, you got abruptly thrown out on a session timeout? Me too. Having naively thought the SSH timeout was managed by the sshd/ssh configs, I was surprised to learn that CP did it their own way.

It turns out the definitions for an interactive session are here: cat /etc/bashrc
<CUT>

# By default, log out the user after three minutes of unattended prompt
export TMOUT=180
export SHELL=/bin/bash
# Take into account idle setting of cpshell, if available
if [ -f /etc/cpshell/cpshell.state ]; then
   idle=`grep idle /etc/cpshell/cpshell.state | sed s/idle=//`
   if [ $idle"UNDEFINED" = "UNDEFINED" ]; then
          idle=3
   fi
   export TMOUT=`expr $idle \* 60`
fi

 

So to change the default timeout for an SSH session you can:

1) Set the idle variable in /etc/cpshell/cpshell.state; the value is in minutes, and /etc/bashrc later multiplies it by 60 to get TMOUT in seconds:

cat /etc/cpshell/cpshell.state
audit=100
idle=100
scroll=1

2) Change the last export in /etc/bashrc directly to whatever you wish:

export TMOUT=7000  # in seconds

Personally, when working on a client's firewall, I set it manually when a long debug session is expected:

[Expert@cp]# TMOUT=700
[Expert@cp]# export TMOUT
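
To see what timeout a new session will get before relying on it, this added example (not from the original post or from Check Point) recomputes TMOUT from a cpshell.state file the same way the /etc/bashrc excerpt does and flags values that are disabled or too long. The function names and the MAX_IDLE_MIN limit of 15 minutes are assumptions made for illustration.

```shell
#!/bin/bash
# Added example: recompute the TMOUT a new session gets from cpshell.state.
# MAX_IDLE_MIN is an assumed local policy limit, not a Check Point setting.
MAX_IDLE_MIN=${MAX_IDLE_MIN:-15}

# Print the TMOUT (seconds) implied by the given state file.
effective_tmout() {
    state=${1:-/etc/cpshell/cpshell.state}
    # No state file: the excerpt leaves the 180-second default untouched.
    [ -f "$state" ] || { echo 180; return 0; }
    # Match "idle=" only at line start; the excerpt's bare "grep idle"
    # also picks up any other line that merely contains the word.
    idle=$(sed -n 's/^idle=//p' "$state" | head -n 1)
    # Missing or empty value falls back to 3 minutes, as in the excerpt.
    [ -n "$idle" ] || idle=3
    case $idle in
        *[!0-9]*) echo "non-numeric idle value: $idle" >&2; return 2 ;;
    esac
    # expr exits 1 when the result is 0, so do not treat that as failure.
    expr "$idle" \* 60 || true
}

# Return 0 if within policy, 1 if disabled or too long, 2 if unparsable.
check_tmout() {
    secs=$(effective_tmout "$1") || return 2
    # bash treats TMOUT=0 as "no timeout".
    if [ "$secs" -eq 0 ] || [ "$secs" -gt $((MAX_IDLE_MIN * 60)) ]; then
        echo "WARN: idle timeout ${secs}s is disabled or above ${MAX_IDLE_MIN} min"
        return 1
    fi
    echo "OK: idle timeout ${secs}s"
}

# Demo on a constructed state file with the values from the listing above.
demo=$(mktemp)
printf 'audit=100\nidle=100\nscroll=1\n' > "$demo"
check_tmout "$demo" || true
rm -f "$demo"
```

Called without an argument, check_tmout reads /etc/cpshell/cpshell.state; it reports what /etc/bashrc will set at the next login, not a TMOUT changed by hand in the current shell.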

2 Responses to “SSH session timeout in Checkpoint NG/NGX”

  1. Tom McGovern says:

    Thanks – I’ve tried just doing:

    [Expert@cp]# TMOUT=700
    [Expert@cp]# export TMOUT

    But I am still logged out after 600 sec

  2. yurisk says:

    Try doing a
    # echo $TMOUT
    to see the actual active timeout after you change it to 700 secs

    Also, if changed on the command line it is relevant only to this particular session, so if you open another session it will take the timeout from the files I specified.
