Ssh – Kill an SSH tunnel after X minutes even if it’s still being used

networkingprocesssshssh-tunneltunneling

I'm setting up some background SSH tunnel for some backup procedures. However I'm worried the ssh process just sitting around. At the end of my script I kill the PID, but what if something happens to my script and it doesn't finish. I want something that's a bit more robust.

Is there anyway to get the SSH tunnel to kill itself after X seconds / minutes?

At the moment I'm starting it like this

ssh -f -N -L 14880:internalserver:3306 gateway.example.com

And then using lsof to get the PID that's opened that port.

Best Answer

Here's a cleaner way of doing it that has been proposed before:

ssh -f -N -L 14880:internalserver:3306 gateway.example.com &
PIDSSH=$!
( sleep 600 ; echo "Timeout." ; kill $PIDSSH ) &
PIDSLEEP=$!
wait $PIDSSH
kill $PIDSLEEP && echo "Session ended before timeout"
wait

However you don't get an error code from ssh, but that could be arranged.

Related Solutions

Ssh – Why does logging out of an SSH session hang when using port-forwarding

As you expected, this happens because SSH won't exit if there are outstanding connections going through the tunnel.

If you exit your browser (and all other programs that are going through the port 9000 tunnel) then SSH should exit.

The ssh man page says:

 The session terminates when the command or shell on the remote machine exits and all X11 and TCP connections have been closed.

And I don't see any options to change that behavior, so I suspect there's nothing you can do.

Bash snippet for killing a process until it’s dead

The problem with repeatedly killing a process is that you've got a race condition with new process creation. It's not particularly likely, but it's possible that the process will exit and a new process start up with the same PID while you're sleeping.

Why are you having to repeatedly kill the process? If it's because the process will exit, but it may take some time to quit after receiving the signal, you could use wait:

 kill $PID
 wait $PID

In an ideal system, you'd never have to repeat a kill or issue kill -9 $PID. If you do have to, you might want to consider fixing whatever it is that you're running so you don't have to. In the meantime, you will probably not hit the race condition, and you can guard against it by (say) checking the timestamp of /proc/$PID/ just before killing the process. That's bad hackiness, though.

Best Answer

Related Solutions

Ssh – Why does logging out of an SSH session hang when using port-forwarding

Bash snippet for killing a process until it’s dead

Related Topic