BestHub
search
Sign in
Operations 10 min read

How to Keep SSH Sessions Alive and Prevent Freezes Using TCP Keepalive Settings

This guide explains why SSH connections may close due to TCP timeouts, describes the relevant kernel parameters, and provides step‑by‑step client and server configuration instructions for Linux and Windows to keep SSH sessions active without interruption.

Top Architect
Top Architect
Top Architect
How to Keep SSH Sessions Alive and Prevent Freezes Using TCP Keepalive Settings

SSH (Secure Shell) is essential for remote server management, but idle sessions often freeze or disconnect because of TCP timeout settings.

Why does SSH close connections?

TCP timeout determines how long a connection waits for a response before considering the session failed. In Linux, parameters such as tcp_keepalive_time , tcp_keepalive_probes , and tcp_keepalive_intvl control this behavior.

Typical default values are:

% cat /proc/sys/net/ipv4/tcp_keepalive_time
7200
% cat /proc/sys/net/ipv4/tcp_keepalive_probes
9
% cat /proc/sys/net/ipv4/tcp_keepalive_intvl
75

These defaults mean the system sends nine probes at 75‑second intervals after 7200 seconds of inactivity, causing the SSH session to terminate after roughly 11 minutes of no user input.

How to keep SSH sessions active

Linux client configuration

Create or edit ~/.ssh/config and add keepalive options:

touch ~/.ssh/config
mkdir ~/.ssh
chmod 700 ~/.ssh
nano ~/.ssh/config

Key options:

Host : Apply settings to all hosts using * .

ServerAliveInterval : Send a keepalive message every 120 seconds (default 0, disabled).

ServerAliveCountMax : Disconnect after 30 unanswered keepalive messages.

This results in a total of 1 hour of inactivity tolerance (120 s × 30 = 3600 s).

Windows client configuration

In PuTTY, set “Seconds between keepalives” (under the Connection tab) to a value greater than zero, e.g., 60 seconds, and save the session.

Server‑side configuration

Edit /etc/ssh/sshd_config and set:

sudo nano /etc/ssh/sshd_config
TCPKeepAlive yes
ClientAliveInterval 120
ClientAliveCountMax 30

These settings make the server send keepalive messages every 120 seconds and terminate after 30 missed responses, also yielding a 1‑hour inactivity window.

After editing, restart the SSH service:

sudo systemctl restart ssh

Conclusion

Properly configuring SSH keepalive balances security—by automatically closing idle sessions—and usability—by preventing unexpected disconnects—ensuring a reliable and safe remote access environment.

TCPlinuxsecurityWindowsSystem AdministrationSSHkeepalive
Top Architect
Written by

Top Architect

Top Architect focuses on sharing practical architecture knowledge, covering enterprise, system, website, large‑scale distributed, and high‑availability architectures, plus architecture adjustments using internet technologies. We welcome idea‑driven, sharing‑oriented architects to exchange and learn together.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment