impl: support for configuring SSH connection timeout (#256)

fioan89 · web-flow · commit 7aa406734439 · 2026-01-29T22:15:47.000+02:00
Starting with Toolbox 3.3 the SSH connection timeout will be enforced by passing the value to the SSH command. Up until today the Coder plugin relied only on the default value (10 seconds) which was anyway ignored by Toolbox (i.e. it was not passed to the SSH command) On the other hand we generate the SSH config with ConnectTimeout = 0 which effectively means whatever the OS configured. Once Toolbox 3.3 is released the command parameter will take precedence over the SSH config timeout. With his PR there is now a user configurable setting via the UI Settings page which defaults to 10 seconds, and it is passed to both the command line but also to the config file. - resolves https://youtrack.jetbrains.com/issue/TBX-17312
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,10 @@
 
 ## Unreleased
 
+### Added
+
+- support for configuring the SSH connection timeout, defaults to 10 seconds
+
 ## 0.8.4 - 2026-01-20
 
 ### Fixed
diff --git a/README.md b/README.md
@@ -398,6 +398,10 @@ The following options control the SSH behavior of the Coder CLI.
 - `Enable SSH wildcard config` enables or disables wildcard entries in the SSH configuration, which allow generic
   rules for matching multiple workspaces.
 
+- `SSH connnection timeout (seconds)` controls how long the SSH client will wait while trying to establish a TCP
+  connection to the remote host before giving up. Defaults to 0 seconds which means it uses the system’s TCP timeout
+  settings instead.
+
 - `SSH proxy log directory` directory where SSH proxy logs are written. Useful for debugging SSH connection issues.
 
 - `SSH network metrics directory` directory where network information used by the SSH proxy is stored.
diff --git a/src/main/kotlin/com/coder/toolbox/CoderRemoteEnvironment.kt b/src/main/kotlin/com/coder/toolbox/CoderRemoteEnvironment.kt
@@ -293,6 +293,7 @@ class CoderRemoteEnvironment(
      * have to do is provide it a host name.
      */
     override suspend fun getContentsView(): EnvironmentContentsView = EnvironmentView(
+        context,
         client.url,
         cli,
         workspace,
diff --git a/src/main/kotlin/com/coder/toolbox/cli/CoderCLIManager.kt b/src/main/kotlin/com/coder/toolbox/cli/CoderCLIManager.kt
@@ -392,7 +392,7 @@ class CoderCLIManager(
             ?.let { "\n" + it.prependIndent("  ") }
             ?: ""
         val options = """
-            ConnectTimeout 0
+            ConnectTimeout ${context.settingsStore.sshConnectionTimeoutInSeconds}
             StrictHostKeyChecking no
             UserKnownHostsFile /dev/null
             LogLevel ERROR
diff --git a/src/main/kotlin/com/coder/toolbox/settings/ReadOnlyCoderSettings.kt b/src/main/kotlin/com/coder/toolbox/settings/ReadOnlyCoderSettings.kt
@@ -133,6 +133,11 @@ interface ReadOnlyCoderSettings {
      */
     val isSshWildcardConfigEnabled: Boolean
 
+    /**
+     * Timeout duration in seconds for establishing an SSH connection.
+     */
+    val sshConnectionTimeoutInSeconds: Int
+
     /**
      * The location of the SSH config.  Defaults to ~/.ssh/config.
      */
diff --git a/src/main/kotlin/com/coder/toolbox/store/CoderSettingsStore.kt b/src/main/kotlin/com/coder/toolbox/store/CoderSettingsStore.kt
@@ -70,6 +70,8 @@ class CoderSettingsStore(
     override val requiresMTlsAuth: Boolean get() = tls.certPath?.isNotBlank() == true && tls.keyPath?.isNotBlank() == true
     override val disableAutostart: Boolean
         get() = store[DISABLE_AUTOSTART]?.toBooleanStrictOrNull() ?: (getOS() == OS.MAC)
+    override val sshConnectionTimeoutInSeconds: Int
+        get() = store[SSH_CONNECTION_TIMEOUT_IN_SECONDS]?.toIntOrNull() ?: 0
     override val isSshWildcardConfigEnabled: Boolean
         get() = store[ENABLE_SSH_WILDCARD_CONFIG]?.toBooleanStrictOrNull() ?: true
     override val sshConfigPath: String
@@ -233,6 +235,10 @@ class CoderSettingsStore(
         store[DISABLE_AUTOSTART] = shouldDisableAutostart.toString()
     }
 
+    fun updateSshConnectionTimeoutInSeconds(sshConnectionTimeoutInSeconds: Int) {
+        store[SSH_CONNECTION_TIMEOUT_IN_SECONDS] = sshConnectionTimeoutInSeconds.toString()
+    }
+
     fun updateEnableSshWildcardConfig(enable: Boolean) {
         store[ENABLE_SSH_WILDCARD_CONFIG] = enable.toString()
     }
diff --git a/src/main/kotlin/com/coder/toolbox/store/StoreKeys.kt b/src/main/kotlin/com/coder/toolbox/store/StoreKeys.kt
@@ -40,6 +40,8 @@ internal const val TLS_CERT_REFRESH_COMMAND = "tlsCertRefreshCommand"
 
 internal const val DISABLE_AUTOSTART = "disableAutostart"
 
+internal const val SSH_CONNECTION_TIMEOUT_IN_SECONDS = "sshConnectionTimeoutInSeconds"
+
 internal const val ENABLE_SSH_WILDCARD_CONFIG = "enableSshWildcardConfig"
 
 internal const val SSH_CONFIG_PATH = "sshConfigPath"
diff --git a/src/main/kotlin/com/coder/toolbox/views/CoderSettingsPage.kt b/src/main/kotlin/com/coder/toolbox/views/CoderSettingsPage.kt
@@ -15,7 +15,6 @@ import com.jetbrains.toolbox.api.ui.components.UiField
 import kotlinx.coroutines.CoroutineName
 import kotlinx.coroutines.Job
 import kotlinx.coroutines.channels.Channel
-import kotlinx.coroutines.channels.ClosedSendChannelException
 import kotlinx.coroutines.flow.MutableStateFlow
 import kotlinx.coroutines.flow.StateFlow
 import kotlinx.coroutines.flow.update
@@ -69,32 +68,62 @@ class CoderSettingsPage(
         )
     )
 
-    private val enableBinaryDirectoryFallbackField =
-        CheckboxField(
-            settings.enableBinaryDirectoryFallback,
-            context.i18n.ptrl("Enable binary directory fallback")
-        )
-    private val headerCommandField =
-        TextField(context.i18n.ptrl("Header command"), settings.headerCommand ?: "", TextType.General)
-    private val tlsCertPathField =
-        TextField(context.i18n.ptrl("TLS cert path"), settings.tls.certPath ?: "", TextType.General)
-    private val tlsKeyPathField =
-        TextField(context.i18n.ptrl("TLS key path"), settings.tls.keyPath ?: "", TextType.General)
+    private val enableBinaryDirectoryFallbackField = CheckboxField(
+        settings.enableBinaryDirectoryFallback,
+        context.i18n.ptrl("Enable binary directory fallback")
+    )
+    private val headerCommandField = TextField(
+        context.i18n.ptrl("Header command"),
+        settings.headerCommand ?: "",
+        TextType.General
+    )
+
+    private val tlsCertPathField = TextField(
+        context.i18n.ptrl("TLS cert path"),
+        settings.tls.certPath ?: "",
+        TextType.General
+    )
+    private val tlsKeyPathField = TextField(
+        context.i18n.ptrl("TLS key path"),
+        settings.tls.keyPath ?: "", TextType.General
+    )
     private val tlsCAPathField =
         TextField(context.i18n.ptrl("TLS CA path"), settings.tls.caPath ?: "", TextType.General)
     private val tlsAlternateHostnameField =
         TextField(context.i18n.ptrl("TLS alternate hostname"), settings.tls.altHostname ?: "", TextType.General)
-    private val disableAutostartField =
-        CheckboxField(settings.disableAutostart, context.i18n.ptrl("Disable autostart"))
-
-    private val enableSshWildCardConfig =
-        CheckboxField(settings.isSshWildcardConfigEnabled, context.i18n.ptrl("Enable SSH wildcard config"))
-    private val sshExtraArgs =
-        TextField(context.i18n.ptrl("Extra SSH options"), settings.sshConfigOptions ?: "", TextType.General)
-    private val sshLogDirField =
-        TextField(context.i18n.ptrl("SSH proxy log directory"), settings.sshLogDirectory ?: "", TextType.General)
-    private val networkInfoDirField =
-        TextField(context.i18n.ptrl("SSH network metrics directory"), settings.networkInfoDir, TextType.General)
+
+    private val disableAutostartField = CheckboxField(
+        settings.disableAutostart,
+        context.i18n.ptrl("Disable autostart")
+    )
+
+    private val enableSshWildCardConfig = CheckboxField(
+        settings.isSshWildcardConfigEnabled,
+        context.i18n.ptrl("Enable SSH wildcard config")
+    )
+
+    private val sshConnectionTimeoutField = TextField(
+        context.i18n.ptrl("SSH connection timeout (seconds)"),
+        settings.sshConnectionTimeoutInSeconds.toString(),
+        TextType.Integer
+    )
+
+    private val sshExtraArgs = TextField(
+        context.i18n.ptrl("Extra SSH options"),
+        settings.sshConfigOptions ?: "",
+        TextType.General
+    )
+
+    private val sshLogDirField = TextField(
+        context.i18n.ptrl("SSH proxy log directory"),
+        settings.sshLogDirectory ?: "",
+        TextType.General
+    )
+    private val networkInfoDirField = TextField(
+        context.i18n.ptrl("SSH network metrics directory"),
+        settings.networkInfoDir,
+        TextType.General
+    )
 
     private lateinit var visibilityUpdateJob: Job
     override val fields: StateFlow<List<UiField>> = MutableStateFlow(
@@ -115,6 +144,7 @@ class CoderSettingsPage(
             tlsAlternateHostnameField,
             disableAutostartField,
             enableSshWildCardConfig,
+            sshConnectionTimeoutField,
             sshLogDirField,
             networkInfoDirField,
             sshExtraArgs,
@@ -124,36 +154,43 @@ class CoderSettingsPage(
     override val actionButtons: StateFlow<List<RunnableActionDescription>> = MutableStateFlow(
         listOf(
             Action(context, "Save", closesPage = true) {
-                context.settingsStore.updateBinarySource(binarySourceField.contentState.value)
-                context.settingsStore.updateBinaryDirectory(binaryDirectoryField.contentState.value)
-                context.settingsStore.updateDataDirectory(dataDirectoryField.contentState.value)
-                context.settingsStore.updateEnableDownloads(enableDownloadsField.checkedState.value)
-                context.settingsStore.updateUseAppNameAsTitle(useAppNameField.checkedState.value)
-                context.settingsStore.updateDisableSignatureVerification(disableSignatureVerificationField.checkedState.value)
-                context.settingsStore.updateSignatureFallbackStrategy(signatureFallbackStrategyField.checkedState.value)
-                context.settingsStore.updateHttpClientLogLevel(httpLoggingField.selectedValueState.value)
-                context.settingsStore.updateBinaryDirectoryFallback(enableBinaryDirectoryFallbackField.checkedState.value)
-                context.settingsStore.updateHeaderCommand(headerCommandField.contentState.value)
-                context.settingsStore.updateCertPath(tlsCertPathField.contentState.value)
-                context.settingsStore.updateKeyPath(tlsKeyPathField.contentState.value)
-                context.settingsStore.updateCAPath(tlsCAPathField.contentState.value)
-                context.settingsStore.updateAltHostname(tlsAlternateHostnameField.contentState.value)
-                context.settingsStore.updateDisableAutostart(disableAutostartField.checkedState.value)
-                val oldIsSshWildcardConfigEnabled = settings.isSshWildcardConfigEnabled
-                context.settingsStore.updateEnableSshWildcardConfig(enableSshWildCardConfig.checkedState.value)
-
-                if (enableSshWildCardConfig.checkedState.value != oldIsSshWildcardConfigEnabled) {
-                    context.cs.launch(CoroutineName("SSH Wildcard Setting")) {
-                        try {
+                with(context.settingsStore) {
+                    updateBinarySource(binarySourceField.contentState.value)
+                    updateBinaryDirectory(binaryDirectoryField.contentState.value)
+                    updateDataDirectory(dataDirectoryField.contentState.value)
+                    updateEnableDownloads(enableDownloadsField.checkedState.value)
+                    updateUseAppNameAsTitle(useAppNameField.checkedState.value)
+                    updateDisableSignatureVerification(disableSignatureVerificationField.checkedState.value)
+                    updateSignatureFallbackStrategy(signatureFallbackStrategyField.checkedState.value)
+                    updateHttpClientLogLevel(httpLoggingField.selectedValueState.value)
+                    updateBinaryDirectoryFallback(enableBinaryDirectoryFallbackField.checkedState.value)
+                    updateHeaderCommand(headerCommandField.contentState.value)
+                    updateCertPath(tlsCertPathField.contentState.value)
+                    updateKeyPath(tlsKeyPathField.contentState.value)
+                    updateCAPath(tlsCAPathField.contentState.value)
+                    updateAltHostname(tlsAlternateHostnameField.contentState.value)
+                    updateDisableAutostart(disableAutostartField.checkedState.value)
+
+                    val sshWildcardEnabled = enableSshWildCardConfig.checkedState.value
+                    val sshTimeout = sshConnectionTimeoutField.contentState.value.toInt()
+
+                    val sshSettingsChanged = sshWildcardEnabled != settings.isSshWildcardConfigEnabled ||
+                            sshTimeout != settings.sshConnectionTimeoutInSeconds
+
+                    updateEnableSshWildcardConfig(sshWildcardEnabled)
+                    updateSshConnectionTimeoutInSeconds(sshTimeout)
+
+                    if (sshSettingsChanged) {
+                        runCatching {
                             triggerSshConfig.send(true)
-                            context.logger.info("Wildcard settings have been modified from $oldIsSshWildcardConfigEnabled to ${!oldIsSshWildcardConfigEnabled}, ssh config is going to be regenerated...")
-                        } catch (_: ClosedSendChannelException) {
+                            context.logger.info("Settings have been modified, ssh config is going to be regenerated...")
                         }
                     }
+
+                    updateSshLogDir(sshLogDirField.contentState.value)
+                    updateNetworkInfoDir(networkInfoDirField.contentState.value)
+                    updateSshConfigOptions(sshExtraArgs.contentState.value)
                 }
-                context.settingsStore.updateSshLogDir(sshLogDirField.contentState.value)
-                context.settingsStore.updateNetworkInfoDir(networkInfoDirField.contentState.value)
-                context.settingsStore.updateSshConfigOptions(sshExtraArgs.contentState.value)
             }
         )
     )
@@ -211,6 +248,10 @@ class CoderSettingsPage(
             settings.isSshWildcardConfigEnabled
         }
 
+        sshConnectionTimeoutField.contentState.update {
+            settings.sshConnectionTimeoutInSeconds.toString()
+        }
+
         sshExtraArgs.contentState.update {
             settings.sshConfigOptions ?: ""
         }
diff --git a/src/main/kotlin/com/coder/toolbox/views/EnvironmentView.kt b/src/main/kotlin/com/coder/toolbox/views/EnvironmentView.kt
@@ -1,11 +1,13 @@
 package com.coder.toolbox.views
 
+import com.coder.toolbox.CoderToolboxContext
 import com.coder.toolbox.cli.CoderCLIManager
 import com.coder.toolbox.sdk.v2.models.Workspace
 import com.coder.toolbox.sdk.v2.models.WorkspaceAgent
 import com.jetbrains.toolbox.api.remoteDev.environments.SshEnvironmentContentsView
 import com.jetbrains.toolbox.api.remoteDev.ssh.SshConnectionInfo
 import java.net.URL
+import kotlin.time.Duration.Companion.seconds
 
 /**
  * A view for a single environment.  It displays the projects and IDEs.
@@ -16,15 +18,18 @@ import java.net.URL
  * SSH must be configured before this will work.
  */
 class EnvironmentView(
+    private val context: CoderToolboxContext,
     private val url: URL,
     private val cli: CoderCLIManager,
     private val workspace: Workspace,
     private val agent: WorkspaceAgent,
 ) : SshEnvironmentContentsView {
-    override suspend fun getConnectionInfo(): SshConnectionInfo = WorkspaceSshConnectionInfo(url, cli, workspace, agent)
+    override suspend fun getConnectionInfo(): SshConnectionInfo =
+        WorkspaceSshConnectionInfo(context, url, cli, workspace, agent)
 }
 
 private class WorkspaceSshConnectionInfo(
+    private val context: CoderToolboxContext,
     url: URL,
     cli: CoderCLIManager,
     private val workspace: Workspace,
@@ -45,6 +50,9 @@ private class WorkspaceSshConnectionInfo(
      */
     override val userName: String? = null
 
+    override val connectionTimeoutMillis: Long
+        get() = context.settingsStore.sshConnectionTimeoutInSeconds.seconds.inWholeMilliseconds
+
     override fun equals(other: Any?): Boolean {
         if (this === other) return true
         if (javaClass != other?.javaClass) return false
