HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

ssh stop accepting connections

 
SOLVED
Go to solution
R.O.
Esteemed Contributor

ssh stop accepting connections

Hello,

I have a problem in a server with ssh connections:

># ssh -vvv monuser@localhost
OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.006, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug3: Seeding PRNG from /opt/ssh/libexec/ssh-rand-helper
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/3
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host

If I restart the sshd daemon it starts working right:

># ssh -vvv monuser@localhost
OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.006, HP-UX Secure Shell version
debug1: Reading configuration data /opt/ssh/etc/ssh_config
debug3: Seeding PRNG from /opt/ssh/libexec/ssh-rand-helper
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/3
debug1: identity file /.ssh/id_rsa type -1
debug1: identity file /.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2-hpn
debug1: match: OpenSSH_4.3p2-hpn pat OpenSSH*



.. but after less than a minute, it stop working again. The only thing I have seen is that the problem appears once the number of ssh connections (ps -ef|grep ssh) is over 20. ¿Is this possible? ¿Any idea?

Regards,
"When you look into an abyss, the abyss also looks into you"
4 REPLIES
R.O.
Esteemed Contributor

Re: ssh stop accepting connections

Hello,

I have seen that some sshd proceses remains "sshd: [net]" (they should die after connecting):

># ps -ef|grep ssh
root 17377 14634 0 12:15:07 ? 0:00 sshd: [accepted]
user1 16218 16213 0 10:34:57 ? 0:01 sshd: wlzam@pts/4
root 16795 14634 0 12:14:07 ? 0:00 sshd: [accepted]
root 5738 14634 0 12:11:34 ? 0:00 sshd: ser [priv]
user 6886 5738 0 12:11:39 ? 0:00 sshd: user@pts/7
sshd 16792 16791 0 12:14:07 ? 0:00 sshd: [net]
root 14634 1 0 10:52:59 ? 0:01 /opt/ssh/sbin/sshd
sshd 16798 16796 0 12:14:07 ? 0:00 sshd: [net]
sshd 17376 17375 0 12:15:07 ? 0:00 sshd: [net]
root 16796 14634 0 12:14:07 ? 0:00 sshd: [accepted]
root 17379 14634 0 12:15:07 ? 0:00 sshd: [accepted]
sshd 17372 17371 0 12:15:07 ? 0:00 sshd: [net]
sshd 17374 17373 0 12:15:07 ? 0:00 sshd: [net]
root 16213 1 0 10:34:53 ? 0:00 sshd: user1 [priv]
root 16791 14634 0 12:14:07 ? 0:00 sshd: [accepted]
root 16785 14634 0 12:14:07 ? 0:00 sshd: [accepted]
root 17375 14634 0 12:15:07 ? 0:00 sshd: [accepted]
sshd 16794 16793 0 12:14:07 ? 0:00 sshd: [net]
root 16793 14634 0 12:14:07 ? 0:00 sshd: [accepted]
sshd 16786 16785 0 12:14:07 ? 0:00 sshd: [net]
sshd 16797 16795 0 12:14:07 ? 0:00 sshd: [net]
sshd 17380 17379 0 12:15:07 ? 0:00 sshd: [net]
sshd 17378 17377 0 12:15:07 ? 0:00 sshd: [net]
root 17542 17913 1 12:15:43 pts/tl 0:00 grep ssh
root 17371 14634 0 12:15:07 ? 0:00 sshd: [accepted]
root 17373 14634 0 12:15:07 ? 0:00 sshd: [accepted]

When these proceses are 10, I cannot coonect. ¿Any idea why these proceses might be hung?

Regards,
"When you look into an abyss, the abyss also looks into you"
Johnson Punniyalingam
Honored Contributor
Solution

Re: ssh stop accepting connections

>>When these proceses are 10, I cannot coonect. à ¿Any idea why these proceses might be hung?<<

Specified the maximum number of concurrent unauthenticated connections to the sshd daemon. Additional connections will be
dropped until authentication succeeds or the LoginGraceTime
expires for a connection. The default is 10


lease see $ man sshd_config for more detail
Problems are common to all, but attitude makes the difference
G V R Shankar
Valued Contributor

Re: ssh stop accepting connections

Hi,

I am suspecting a duplicate IP in the network. Check the timestamp of the following.

ll /var/adm/net*

Ravi.

mvpel
Trusted Contributor

Re: ssh stop accepting connections

I've seen a similar problem - hanging sshd processes - with that version of SSH on HP-UX 11i on a 9000/785 workstation. I think there's a bug in the release. You should upgrade to the HP Secure Shell 5.2 release:

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

... along with the KRNG package, and give it another try.