It is no fun when in the middle of fw monitor / debug session you get abruptly disconnected on SSH session timeout. Here is how to prevent it in the Checkpoint firewall.
The session timeout is defined in cat /etc/bashrc:
# By default, log out the user after three minutes of unattended prompt
# Take into account idle setting of cpshell, if available
if [ -f /etc/cpshell/cpshell.state ]; then
idle=$(grep idle /etc/cpshell/cpshell.state | sed s/idle=//)
if [ $idle"UNDEFINED" = "UNDEFINED" ]; then
expr $idle \* 60
To change the default timeout for ssh session you can:
1) Set idle variable in /etc/cpshell/cpshell.state to be later multiplied
cat /etc/cpshell/cpshell.state audit=100 idle=100 scroll=1
2) Change TMOUT directly to any number of seconds you wish and export it to activate:
I personally when working on client's firewall am setting it manually when long debug session is expected:
[Expert@cp]# export TMOUT
Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.