diff --git a/go.mod b/go.mod
index 869a1a7..c86bcd7 100644
--- a/go.mod
+++ b/go.mod
@@ -8,3 +8,5 @@ require (
 	golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576
 	golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54
 )
+
+go 1.13
diff --git a/sshd/net.go b/sshd/net.go
index 154ec45..678454b 100644
--- a/sshd/net.go
+++ b/sshd/net.go
@@ -33,8 +33,11 @@ func (l *SSHListener) handleConn(conn net.Conn) (*Terminal, error) {
 		conn = ReadLimitConn(conn, l.RateLimit())
 	}
 
-	// Handshake shouldn't take more than 10 seconds
-	conn.SetReadDeadline(time.Now().Add(10 * time.Second))
+	// If the connection doesn't write anything back for too long before we get
+	// a valid session, it should be dropped.
+	var handleTimeout = 20 * time.Second
+	conn.SetReadDeadline(time.Now().Add(handleTimeout))
+	defer conn.SetReadDeadline(time.Time{})
 
 	// Upgrade TCP connection to SSH connection
 	sshConn, channels, requests, err := ssh.NewServerConn(conn, l.config)
@@ -42,9 +45,6 @@ func (l *SSHListener) handleConn(conn net.Conn) (*Terminal, error) {
 		return nil, err
 	}
 
-	// clear the deadline
-	conn.SetDeadline(time.Time{})
-
 	// FIXME: Disconnect if too many faulty requests? (Avoid DoS.)
 	go ssh.DiscardRequests(requests)
 	return NewSession(sshConn, channels)