ssh dies
John Davis
linux0642 at sbcglobal.net
Wed Apr 13 07:25:49 PDT 2005
Robert Storey wrote:
> Dear All,
>
> An interesting and disturbing problem recently appeared on our server
> which is running FBSD 5.3. Rather suddenly, all users found themselves
> locked out because ssh stopped working. We had to send an email to tech
> support at our hosting service (Netsonic). They said this seems to be
> happening frequently on many FreeBSD servers (something to do with
> reaching the limit of ssh connections). They didn't tell us how to solve
> the problem, but they suggested rebooting, which should return the
> server under our control. We asked them to reboot and they did, problem
> solved for now.
>
> I'm wondering if anyone knows what is causing this, and if there is a
> permanent solution? The server was running fine for four months without
> issues - this just suddenly came out of the blue.
>
> TIA,
> Robert
We had exactly the same problem with 5.3 on a dual opteron machine.
One minute it worked and the next minute it stopped and had to be
rebooted. The host insisted that this was clear evidence that machine
had been compromised but this was nonsense. I have spoken to other
people using 5.2 and 5.3 who report identical behavior. I don't know if
it's a physical connection limit that's causing the problem though,
because only two people log into my BSD server.
I think a safer bet is this worm that tries to compromise servers by
ssh. Perhaps the ssh server isn't cleaning up the failed connections
well enough, or maybe it's detecting an attack and simply shutting down.
This worm can generate a thousand or more connection attempts in a
single session, so I can see how a tiny memory leak could grow into a
big problem in a hurry.
--
John Davis
More information about the freebsd-questions
mailing list