cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
15872
Views
1
Helpful
6
Replies

How to clear disconnected SSH Sessions ACS Server

cybrsage
Level 1
Level 1

My secondary ACS server shows me an ever growing list of disconnected sessions when I log into it.  The list starts with the following message:

Following disconnected ssh sessions are available to resume.

I would like to ensure all disconnected sessions are closed immediately (or as soon as possible) after the user disconnects.  Some of these sessions are months old.  How do I go about doing this?

Thanks!

The ACS Server is Linux Based, here is the show ver:

show ver

Cisco Application Deployment Engine OS Release: 2.2
ADE-OS Build Version: 2.2.3.002
ADE-OS System Architecture: x86_64

Copyright (c) 2005-2015 by Cisco Systems, Inc.
All rights reserved.
Hostname: SECONDARY


Version information of installed applications
---------------------------------------------


Cisco ACS VERSION INFORMATION
-----------------------------
Version : 5.8.1.4
Internal Build ID : B.462

2 Accepted Solutions

Accepted Solutions

dperezoquendo
Level 1
Level 1

Hello,

I believe you can clear sessions by doing the following:

sh users

forceout <username>

You should also be able to set a timeout with terminal session-timeout ## command.

View solution in original post

Hmm, that's interesting. You might have to restart ACS if your able. The timeout sessions should be able to prevent this from happening again.

View solution in original post

6 Replies 6

dperezoquendo
Level 1
Level 1

Hello,

I believe you can clear sessions by doing the following:

sh users

forceout <username>

You should also be able to set a timeout with terminal session-timeout ## command.

One of my users is user - with a few dozen disconnected sessions.  Forceout user does not close the disconnected sessions.  Same with admin.

I cannot use the terminal session-timeout command, it is not a known command.

EDIT:  The command does exist, it is just not in the config t portion, but in the main enable portion instead, oddly enough.  I am adding in a 60 min timeout.

Hmm, that's interesting. You might have to restart ACS if your able. The timeout sessions should be able to prevent this from happening again.

The timeout-sessions does not show in the config anywhere, though it accepted the command readily enough.  I rebooted and all the sessions are gone.  I will have to see if they return.

Thanks for the help so far!!

The forceout command also works on ISE 2.7, I had a stuck tail session and the 30 minute timeout wasn't kicking it.  forceout did the trick, thank you

cybrsage
Level 1
Level 1

It has stayed cleared since the last reload of the box.  I believe it was adding the terminal session-timeout 60 command and saving the config, then doing a reload that fixed it.

Thank you VERY much!!