We have a connection to one of our servers from an external party. This party logs in using sftp and uploads some files. The sessions are not closed by that party and they don't know how to get that done (it's a Windows server and appearantly the scripts they are using do not support it).
Now the server crashed last week because it was low in memory. After some searching I found out there were 2500 SSH connections (some a couple of months old). Each taking up just a little bit of memory, but together it crashed the server. I killed them all and now it is running smoothly.
How can I prevent this from happening again? I would like to have all sessions be killed after a couple of hours. Is that possible from the server side or should I create a script for that myself?
There has a lot been written about SSH timeouts, but all solutions are client side.
EDIT: For now I have created this script which runs every night:
count=$(ps aux | grep [USERNAME] | wc -l)
echo "Found $count processes";
for i in $(seq $count)
do
echo "kill $i"
kill -9 $(ps aux | grep [USERNAME] | grep -v grep | head -n 1 | tr -s ' ' | cut -f 2 -d ' ')
done
service ssh restart
You need to replace [USERNAME] with the logged in user. It will kill all processes of this user, but in my case there are only SSH connections running for this user.
Best Answer
Edit your SSH Server's config file to include
This will disconnect all idle clients after 10 minutes (600 seconds).
Quoting the manual: