Perpetual SSH connnection security and practical implications I have used the linux desktop for many years, but I rarely get into its networking aspects. I run a personal fileserver (primarily running owncloud on Ubuntu 14.04), and to perform regular maintainence and log-checking I ssh into the machine. I find myself leaving a ssh connection open from my desktop to the fileserver from time-to-time, simply out of convienince. My question is two fold: 1. {What are} / {are there} security implications of leaving a ssh connection perpetually open? 2. {What are} / {are there} practicality implications? I.e. network usage, etc... I realize that from the traffic viewpoint, there will be an occasional 'keep alive' packet to maintain the connection, but otherwise I don't expect much overhead. Correct?

> {What are} / {are there} security implications of leaving a ssh connection perpetually open?

The session key is renegotiated periodically so there aren't many confidentiality issues. You can configure the time between renegotiates with `RekeyLimit` (second parameter to that directive) if that's a concern for you.

As shadowbq kind of alluded, the security issues are basically the same as running any other remote control client perpetually. Meaning it potentially increases the attack surface of your internal network in a way that's dependent on the physical security of the workstation.

> {What are} / {are there} practicality implications? I.e. network usage, etc...

Next to nil. The server and client will occasionally rekey the session but outside of that it's just the normal SSH-level and TCP-level keepalives that get sent. We're probably talking about a few KB worth of network packets over the span of half an hour though.