shell inactivity timout

From cpwiki.net
Revision as of 20:42, 10 June 2014 by Nighthawk (Talk | contribs)

Jump to: navigation, search
Check Point Profressional Services

shell timeout for ssh session is controlled by an environment variable called TMOUT. it is a ridiculously annoyingly low 180 seconds / 3 minutes by default for many check point platforms.

[Expert@myfirewall:0]# echo $TMOUT
600

to change it, use cpshell with account that has root privelege access on SPLAT or Gaia, and set the ilde time...

[Expert@myfirewall]# cpshell

set idle time in minutes

[myfirewall]# idle 15

if you want it to take effect in your current shell... exit cpshell, from the expert prompt...

[Expert@myfirewall]# source /etc/bashrc

      • note, an "Expert" prompt doesn't mean your account has root priveleges.

The value is set by /etc/bashrc

example /etc/bashrc from Check Point Gaia R77.10

# SPLAT specific setup
IDLE="`sed -n 's/idle=//p' /etc/cpshell/cpshell.state 2>/dev/null`"
[ -z "$IDLE" ] && IDLE=3
export TMOUT=`expr $IDLE \* 60`


  1. By default, log out the user after three minutes of unattended prompt

export TMOUT=180 export SHELL=/bin/bash

example /etc/bashrc from Check Point SecurePlatform R75.30

# Take into account idle setting of cpshell, if available
if [ -f /etc/cpshell/cpshell.state ]; then
  idle=`grep idle /etc/cpshell/cpshell.state | sed s/idle=//`
  if [ $idle"UNDEFINED" = "UNDEFINED" ]; then
         idle=3
  fi
  export TMOUT=`expr $idle \* 60`
fi