How do I stop a telnet session from timing out?

telnet cisco

5,893

Solution 1

The interact statement of expect can take pairs of patterns and actions somewhat like the expect statement. In particular, you can add a timeout pattern and an action of sending. For example,

interact timeout 10 { send "date\r" }

would send what you type as usual, but if you do not type for 10 seconds, it will then send the string date and carriage-return. If you are using telnet, in char mode, you might be able to keep the connection alive by simply sending a space followed by a backspace, which would not disrupt any partial line you had already typed:

interact timeout 150 { send " \b" }

Solution 2

You have got the default timeout on your telnet sessions in the Cisco side, and not on the Linux side as a security measure.

I advise not confusing those timeouts with TCP keepalives. They are layer 7 timeouts for console/human operator inactivity.

I would say you should setup ssh sessions and not telnet to Cisco routers due to security concerns.

One of the configurations you can do on cisco side if you go for ssh is:

ip ssh timeout 300

As for telnet, you can change the default timeout as:

r1# configure terminal
r1(config)# line vty 
r1(config-line)# exec-timeout 300

You can also use exec-timeout 0 or ip ssh timeout 0 for not having timeouts in telnet or ssh, however it is not considered a good security pratice. .

I would also advise changing other default configurations of the router, namely the default hostname.

5,893

Khaled Abuelenain

Updated on September 18, 2022

Comments

Khaled Abuelenain over 1 year
I connect to a Cisco router using telnet.

The connection times out every 3 minutes.

How do stop my telnet session from getting disconnected from the router due to a timeout.

I understand that putty and SecureCRT can send a null or escape character periodically to stop the session (telnet or SSH) from timing out.

How do I do this on Linux without a 3rd party program ? I use the following script as a startup script when starting my terminal:
```
#!/usr/bin/expect -f

spawn telnet <Router IP Address>
expect -re "ogin: "
send "*******\n"
expect -re "assword:"
send "***********\n"
sleep 2
expect "Router>"
interact
```
- Jeff Schaller about 6 years
  
  Do you have an ssh session or a telnet session? Your title, tags, and body are confused.
- Khaled Abuelenain about 6 years
  
  I'm using Telnet. The only place I mentioned SSH in my post was when referencing the feature for sending periodic characters to the session in SecureCRT and Putty. Thanks.
Khaled Abuelenain about 6 years

I understand the security issues with telnet, but I'm not in a position to change the access method to SSH as the routers are owned by a client. Ideally, I am looking for a way to send periodic TCP keepalives from my terminal while I'm inside a telnet session by adding something to the script in my original post.
Khaled Abuelenain about 6 years

Or some way to emulate pressing any character on my keyboard, while I'm inside a telnet session by adding something to the script in my original post - to stop the session from timing out. Thanks.
BowlOfRed about 6 years

@KhaledAbuelenain, are you saying the exec-timeout setting in this answer wasn't sufficient?
Rui F Ribeiro about 6 years

@KhaledAbuelenain Either leaving a telnet open or changing exec-timeout is the same thing. The solution is not the script, as soon you hit interact, you cannot do much more with expect. What you need for now is bigger exec-timeouts
Rui F Ribeiro about 6 years

In an ideal world, what you would need would be bigger exec-timeouts, and if you dream on inject commands, it would be to be a modified telnet program to be aware how for long have you not done commands. It would be an ugly hack. The timeout is done at the Cisco side, and it is too low to not be change at Cisco side.
Khaled Abuelenain about 6 years

Exactly what I was looking for. Worked like a charm. Thank you very much !
Khaled Abuelenain about 6 years

@RuiFRibeiro - thank you very much for taking the time to reply to my query. I fully agree with you on the ssh vs. telnet subject and I fully agree with you that the timeout values can be amended on the routers (I'm a 2xCCIE). However, my exact question was how to emulate SecureCRT's technique of keeping a session open without timing-out. The question was surgically answered by meuh below and that was by using interact with the timeout option.
Khaled Abuelenain about 6 years

One of the reasons for needing this is that I usually have more than 6 sessions open and while working on one, I need to monitor the "term mon" output on another (for example) - sessions timing out on me are really inconvenient while doing configuration that has service impact and I have a window of a few minutes to migrate a service.
Khaled Abuelenain about 6 years

@BowlOfRed - It is a great answer but not for my question. Please read my comments and check the answer by meuh below. This will probably elaborate the question a little more. Thank you for joining this discussion.
Rui F Ribeiro about 6 years

cool thing. starting day here, will revisit later on my answer