Whats the difference between ConnectTimeout and ServerAliveInterval in ssh

Question

I am doing ssh on several remote servers, Some of the servers doesn't respond and some of them might be down.

To preclude such scenarios I used ConnectTimeout in ssh command. It was timing out as I configured It to be.

My current way of doing ssh

ssh -o LogLevel=Error -oConnectTimeout=5 -oBatchMode=yes -l becomeaccount servername './command.sh'

All was going good until one day when I found a stale ssh connection on one of my server. It was on for more than 3 days.

So now I think I might have missed something, I tried to google it and found there is something called as ServerAliveInterval...would that solve my problem? how is it different than ConnectTimeOut ?

Answer 1

The "ServerAliveInterval" specifies a periodic polling time between the SSH server and client. The intent is twofold:

(1) To close down idle ssh sessions where either [a] one side or the other crashes hard (i.e.: machine failure/poweroff) [b] one side or the other changes IP addresses

(2) To MAINTAIN idle ssh sessions over a NAT that would tear down (or terminate) idle TCP sessions

ServerAliveInterval affects the "ssh" client. There's a corresponding parameter for the "sshd" server. (There is also a TCPKeepAlive option too.) If you're seeing orphaned sshd sessions on your remote servers, you should consider making appropriate changes in the remote servers's sshd_config. If you can't implement changes in the remote server's sshd_config but still need to have idle logins die, check to see if your shell has an idle-timeout ("bash" does.)