I'm aware of the ability to logout inactive SSH sessions after a period of time but leaving something like "top" open works around that.
This question is more in the context of forceful disconnects and likely with cert-based keys.
For example, take a cert-based key that's only valid for 24 hours. I'm wondering if it's possible to have SSH automatically disconnect the open session when the cert end date is reached?
For the situations I'm thinking of forceful disconnects won't be an issue.
If there's a way to forcefully disconnect all sessions after a period of time, like 24 hours. That would be also be useful.
Good question; a quick test on my own Ubuntu 18.04.3 system suggests that no, it will not logout a user. man sshd for BSD suggests that
expiry-timeoffers the time after which the key will not be accepted.My understanding of most SSH systems is that authentication is done at login, and not done again, although I see no reason why a server could not re-authenticate at each command input. I can't find information that suggests my understanding is incorrect.