Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of OpenEmbedded
Services
SSH Server
Configure OpenSSH Server if Necessary
Set SSH Client Alive Count Max to zero
Set SSH Client Alive Count Max to zero
An XCCDF Rule
Details
Profiles
Prose
Set SSH Client Alive Count Max to zero
Medium Severity
The SSH server sends at most
ClientAliveCountMax
messages during a SSH session and waits for a response from the SSH client. The option
ClientAliveInterval
configures timeout after each
ClientAliveCountMax
message. If the SSH server does not receive a response from the client, then the connection is considered unresponsive and terminated. To ensure the SSH timeout occurs precisely when the
ClientAliveInterval
is set, set the
ClientAliveCountMax
to value of
0
in
/etc/ssh/sshd_config
: