WARNING for Debian users. Just to drive you completely crazy Debian does its own form of session management and will completely ignore all alterations to the values who do within your PHP script.
Debian sets up a <crontab /etc/cron.d/php5> which deletes all files, including those in subdirectories, which exceed the gc_maxlifetime specified in the <php.ini> file only.
That is, on Debian (and likely variants like Ubuntu) modifying the session expiration settings (like gc_maxlifetime) does *NOTHING*. You *HAVE* to modify the global <php.ini>. Not even a <.htaccess> file will help you.