The meaning of the ClientAliveCountMax=0 parameter modified in OpenSSH 8.2 is as follows: https://anongit.mindrot.org/openssh.git/commit/?id=69334996ae203c51c70bf01d414c918a44618f8e This modification indicates that the OpenSSH does not provide the function of exiting the client due to timeout after no operation is performed on the client for a long time. In most cases, a client that does not perform any operation responds to the heartbeat packets sent by the server. The TMOUT parameter in /etc/profile can implement this function. This parameter, however, is configurable on the client. We hope that OpenSSH can re-provide a parameter on the server to make the client that does not perform any operation exit due to timeout.
Killing the connection because of inactivity was never the specified function of ClientAliveInterval and that it happened to work that way was an accident. Note that the previous behaviour was not reliable - a client that set a ServerAliveInterval or that kept a forwarded TCP connection open would never be killed for inactivity. If you need a idle timeout, then I suggest looking at shell features (e.g. bash's TMOUT) or something like a PAM module.
close bugs that were resolved in OpenSSH 8.5 release cycle
(In reply to Damien Miller from comment #1) > If you need a idle timeout, then I suggest looking at shell features > (e.g. bash's TMOUT) or something like a PAM module. I am trying to add an idle timeout to an ssh server on an embedded system which does not have bash. I haven't been able to find any reference to a PAM that will add timeout functionality, would you be able to point me in the right direction? Either a specific module if you know if one or some keywords that will help find some results? Thanks!
Hi Damien Miller, `close bugs that were resolved in OpenSSH 8.5 release cycle` can u please share the BZ(or release notes) for the provided fix.
https://www.openssh.com/releasenotes.html#9.2 under "New Features"