SDN/SDDC Retreat in Miami, Florida (November 4th-6th)
Separate SDN hype from real life!

SSH timeouts

The readers preparing for various certification exams are a constant source of amazing details, including this one:

I have configured ip ssh timeout 60 and exec-timeout 5 on VTY lines. Preferred input connection is ssh. How much time can I be idle?

According to the IOS documentation, the ip ssh timeout detects the problems in SSH negotiation phase (including user authentication) and the exec-timeout detects user inactivity after the user has logged in.

Do not set ip ssh timeout to a very low value or you won’t be able to type your password before the router disconnects the session.

This article is part of You've asked for it series.

1 comment:

  1. in asa/pix the ssh timeout is also the idle timeout ?


You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.