Skip to content

Add --idle-timeout to auto-close inactive SSH sessions#775

Draft
Copilot wants to merge 3 commits into
masterfrom
copilot/add-auto-close-ssh-session
Draft

Add --idle-timeout to auto-close inactive SSH sessions#775
Copilot wants to merge 3 commits into
masterfrom
copilot/add-auto-close-ssh-session

Conversation

Copilot AI commented May 2, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Users have no way to force-close SSH sessions through sshpiperd after a period of inactivity. This adds an opt-in idle timeout on the daemon.

Changes

  • --idle-timeout flag on sshpiperd (env SSHPIPERD_IDLE_TIMEOUT, default 0 = disabled). Accepts any Go duration, e.g. 5m.
  • newIdleTimeoutHook (cmd/sshpiperd/idletimeout.go): a tiny ~15-line helper that returns a PipePacketHook which calls timer.Reset(timeout) on channel-data packets. The daemon creates a single time.AfterFunc(d.idleTimeout, ...) that closes the PiperConn on idle, installs the hook on both up/down chains, and defer timer.Stop()s it on teardown. No goroutine, no atomic state, no stop channel — just stdlib time.Timer.
  • Activity definition: only SSH_MSG_CHANNEL_DATA (94) and SSH_MSG_CHANNEL_EXTENDED_DATA (95) reset the timer. Keepalives, window adjustments, and other control packets are intentionally ignored so client/server SSH keepalives don't defeat the timeout (cf. OpenSSH ClientAliveInterval). This also addresses the maintainer's question on the issue about what "inactive" means.
  • The hook is a pure pass-through (PipePacketHookTransform, packet returned unchanged).
  • Tests in idletimeout_test.go cover: disabled-on-zero / nil timer, only channel-data resets the timer, and ongoing channel-data keeps the timer alive.
  • Snap config doc (cmd/sshpiperd/snap/README.md) updated.

Example

sshpiperd --idle-timeout 5m /path/to/plugin

A pipe with no channel-data traffic in either direction for 5 minutes is closed:

INFO connection from 1.2.3.4:55512 idle for 5m0s, closing
INFO connection from 1.2.3.4:55512 closed reason: EOF

Copilot AI linked an issue May 2, 2026 that may be closed by this pull request
Any option to auto close ssh session after some inactive time #79
Open
Copilot AI changed the title [WIP] Add option to auto close SSH session after inactivity Add --idle-timeout to auto-close inactive SSH sessions May 2, 2026
Copilot AI requested a review from tg123 May 2, 2026 08:45
Copilot finished work on behalf of tg123 May 2, 2026 08:45
@tg123

tg123 commented May 2, 2026

Copy link
Copy Markdown
Owner

@copilot is the impl too heavy?

Copilot AI commented May 2, 2026

Copy link
Copy Markdown
Contributor Author

@copilot is the impl too heavy?

Good call — replaced the idleTracker (polling goroutine + atomic.Int64 + sync.Once + stop channel + ticker, ~100 lines) with a 15-line helper using time.AfterFunc and timer.Reset from the stdlib. The hook just resets the timer on channel-data packets, the timer fires p.Close() on idle, and defer timer.Stop() cleans up — no goroutine, no shared mutable state of our own. Same external behavior, all tests still pass with -race. Pushed in 1359b7d.

Copilot finished work on behalf of tg123 May 2, 2026 09:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tg123 tg123 Awaiting requested review from tg123

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

Assignees

@tg123 tg123

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Any option to auto close ssh session after some inactive time

2 participants

@tg123