Does the file server disconnect or force authentication of users after a specified period of inactivity?

Question

Is there a setting in SFTP server which defines the max inactivity time for sessions? I'm looking at ServerSettings.MaxSessionDuration, but it's not clear whether it refers to the whole session duration, or only the inactive duration.

Thanks in advance.

Answer 1

MaxSessionDuration specifies when SSH session renegotiation is to occur. This does not disconnect the user, it just renegotiates encryption keys. Forcing reauthentication is not supported by the SSH protocol.

Disconnect users after a period of inactivity is not currently supported, although some form of it can be implemented by closing instances of ServerSession obtained through FileServer.Sessions, although detecting inactivity might be tricky.

Comments

"Disconnect users after a period of inactivity is not currently supported" - any chance for it to be in the (near) future?

---

I guess we should at least make that easier. However, how do you define "inactivity"? Should session that only pings the server wish an "ignore" packet every minute to be considered inactive?

---

At a high level, I would define activity as commands issued by SFTP clients as a result of explicit user interaction or scripts (in case of unattended clients). Anything else (and I am aware that this is rather generic) would fall in the category of inactivity.

---

That's quite tricky, because at the server, there is no way to determine which activity is a result of explicit user interaction. However, I guess we will try adding a LastActivity (DateTime) property (while possibly making it possible to specify which actions are to be consideres 'activity') to ServerSession to make it possible to implement the auto-disconnect feature. I added this to our list of future improvements.

---

If the client is configured to keep alive the session (e.g. https://winscp.net/eng/docs/ui_login_connection#keepalives), does FileServer expose events in which we could identify the type of packet received (such as SSH_MSG_IGNORE or SSH_FXP_REALPATH)?

---

Exposing SSH_MSG_IGNORE event doesn't look like a good idea. These packets are also used to mitigate some kinds of attacks on CBC ciphers, in which case they are send with every packet.
Firing an event for SSH_FXP_REALPATH would be somewhat arbitrary. This is not actually a keep-alive mechanism, it's SFTP protocol's path canonicalization request that doesn't change anything, which makes it possible to misuse it to trick SFTP servers into detecting "ativity". Other SFTP requests such as SSH_FXP_STAT could be used instead. However, it is possible to detect actual file system activity using our virtual file system API (see https://www.rebex.net/file-server/features/virtual-file-systems.aspx).