Hi,
systemd-logind has recently introduced a new option StopIdleSessionSec which has become available in Rocky 8.7 and onward as well as in Rocky 9.
From logind.conf(5):
StopIdleSessionSec=
Specifies a timeout in seconds, or a time span value after which
systemd-logind checks the idle state of all sessions. Every session
that is idle for longer then the timeout will be stopped. Defaults
to “infinity” (systemd-logind is not checking the idle state of
sessions). For details about the syntax of time spans, see
systemd.time(7).
This works as expected for regular ssh sessions. However, multiplexed (control master) ssh sessions that exceed the configured timeout are not being terminated.
Steps to reproduce:
On remote system:
- Configure StopIdleSessionSec=300 in /etc/systemd/logind.conf
- Run systemctl restart systemd-logind.service
On local system: Open control master ssh session to remote system (initial master connection)
- mkdir -p ~/.ssh/controlmasters
- ssh -M -S ~/.ssh/controlmasters/%r@%h:%p user@remote
On local system: Open subsequent slave ssh connection to remote system via control socket of the master connection established above
- ssh -S ~/.ssh/controlmasters/%r@%h:%p user@remote
On remote system: Observe IDLE time of both user sessions increasing beyond configured timeout of 300 seconds
- watch w
Note that both ssh sessions remain alive when their IDLE time exceeds timeout of 300 seconds.
I did expect that multiplexed control master ssh sessions that are idle for longer than StopIdleSessionSec timeout would have been terminated as well much like regular (non multiplexed) ssh sessions. But that does not seem to be the case.
Is that expected behaviour? Or a bug?
Best regards
Jürgen