Configuring Inactivity Timeout Period Configuration, and Local and Remote Idle Session Termination
Configure Session Termination
Terminate the session after the security administrator specifies inactive timeout period.
The idle timeout configuration explained below applies to both the remote SSH as well as local console sessions.
Sample Output for Local Administrative Session Termination
FreeBSD/arm64 (host) (ttyu0)
login: crypto-officer
Password:
Last login: Tue Jul 29 04:07:59 from 10.220.196.20
--- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20250404.74caf3f_buil
crypto-officer@host> exit
FreeBSD/arm64 (host) (ttyu0)
login: crypto-officer
Password:
Last login: Tue Jul 29 04:08:36 on ttyu0
--- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20250404.74caf3f_buil
crypto-officer@host> quit
FreeBSD/arm64 (host) (ttyu0)
login:
con host
Trying a.b.c.d...
'autologin': unknown argument ('set ?' for help).
Connected to device.example.com
Escape character is '^]'.
Type the hot key to suspend the connection: <CTRL>Z
FreeBSD/amd64 (host) (ttyu0)
login: crypto-officer
Password:
Last login: Sun Feb 16 22:14:09 2025 from 10.220.196.20
--- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20240618.78e5114_buil
crypto-officer@host> Warning: session will be closed in 1 minute if there is no activity
Warning: session will be closed in 10 seconds if there is no activity
Idle timeout exceeded: closing session
FreeBSD/amd64 (host) (ttyu0)
For password authentication (both remote and local), login interacts with a user to request a username and password to establish and verify the user’s identity. The username entered by the administrator at the username prompt is reflected to the screen, but no feedback to screen is provided while the entry made by the administrator at the password prompt until the Enter key is pressed, following which either access to the CLI is provided (correct password) or the password prompt is presented again (incorrect password). This is the default behavior and does not require any configuration.
Local console sessions display the banner FreeBSD/amd64 (hostname) (ttyu0) before the login prompt. This message is not shown during remote SSH access. Administrators should use this difference to verify whether the session is local or remote.
Sample Output for Remote Administrative Session Termination
ssh crypto-officer@host Password: Last login: Sun Feb 16 22:12:15 2025 --- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20240618.78e5114_buil crypto-officer@host> exit Connection to host closed. #ssh crypto-officer@host Password: Last login: Sun Feb 16 22:12:15 2025 --- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20240618.78e5114_buil crypto-officer@host> quit Connection to host closed. #ssh crypto-officer@host Password: Last login: Sun Feb 16 22:14:09 2025 from 10.220.196.20 --- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20240618.78e5114_buil At least one package installed on this device has limited support. Run 'file show /etc/notices/unsupported.txt' for details. crypto-officer@host> crypto-officer@host> Warning: session will be closed in 10 seconds if there is no activity Idle timeout exceeded: closing session crypto-officer@host> auto-logout Connection to host closed.
Sample Output for User Initiated Termination
ssh crypto-officer@host Password: Last login: Mon Feb 17 01:17:22 2025 from 10.220.208.13 --- JUNOS 23.4R1.10 Kernel 64-bit JNPR-15.0-20240618.78e5114_buil At least one package installed on this device has limited support. Run 'file show /etc/notices/unsupported.txt' for details. crypto-officer@host> crypto-officer@host> exit logout Connection to host closed.