Re: how do u limit the no of telnet sessions

Sprint Unix Team · ‎10-10-2001

how do u limit the no of telnet sessions?

Sachin Patel · ‎10-10-2001

Hi
You can set kernal parameters npty and nstrpty for number of telnet sessions

Sachin

Is photography a hobby or another way to spend $

Patrick Wallek · ‎10-10-2001

Have a look at the following kernel parameters:

nstrtel
npty
nstrpty

http://docs.hp.com/hpux/onlinedocs/os/KCparam.NstrPty.html

http://docs.hp.com/hpux/onlinedocs/os/KCparam.Npty.html

http://docs.hp.com/hpux/onlinedocs/os/KCparam.NstrTel.html

A. Clay Stephenson · ‎10-10-2001

Hi:

I would limit the kernel parameters npyt,nstrpty, and nstrtel. Nstrtel is probably your best bet.

If it ain't broke, I can fix that.

Sridhar Bhaskarla · ‎10-10-2001

Tune nstrtel parameter

#cp /stand/system /stand/system.prev
#/usr/lbin/sysadm/system_prep -s /stand/system
#edit system file and limit nstrtel to whatever the number you want
#mk_kernel -o /stand/vmunix (kmupdate is automatic)
#shutdown -ry 0

For 10.20, you got to change npty.

-Sri

You may be disappointed if you fail, but you are doomed if you don't try

someone_4 · ‎10-10-2001

In /dev/pty
there are device drivers by limmiting the ntty
and nstrpty in your kernal you will be limiting the number of telnet sessions that can be open. The 2 numbers should go hand in hand.

Richard

someone_4 · ‎10-10-2001

Ok everyone .. I have a question
I thought it was only ntty and nstrpty in your kernal to limit telnet.

But I see you talking talking about nstrtel.

I know you modify ntty and nstrpty 1 for one. But it should still work if you dont modify nstrtel right?

Or what if you only modify nstrtel and not ntty and nstrpty ?

Or what if you modify all 3 of them?

Richard

James R. Ferguson · ‎10-10-2001

Hi:

From TKB document #BHERRKBRC00002727:

/begin_quote/

nstrtel specifies the number of telnet device files that the kernel can support for incoming telnet sessions. This number should match the number of device files that exist on the system. If the insf command or SAM is used to
create more telnet device files, the value of nstrtel must be increased accordingly or the device files cannot be used because there are no kernel data structures available for communicating with the system.

/end_quote/

See also 'ntpy' and 'nstrpty' in:

http://docs.hp.com/hpux/onlinedocs/os/KCparams.OverviewAll.html

BTW, RICHARD:
-------------
You have unscored responses here:

http://forums.itrc.hp.com/cm/QuestionAnswer/1,11866,0x01fbc6af36b7d5118ff10090279cd0f9,00.html

Regards!

...JRF...

someone_4 · ‎10-11-2001

Ok
This issue was really bothering me. Mainly because I didn't understand. So I opened up a call with HP and here is what I got.

My name is Darrick Schuch and have taken ownership of your case
3200370288.
Hope this will answer your questions. First here is a description of each
of the parameters:

nstrpty limits the number of streams-based PTYs that are allowed system-wide. When
sending data to PTY devices (such as windows), a PTY device must exist for
every window that is open at any given time.

nstrpty should be set to a value that is equal to or greater than the number
of PTY devices on the system that will be using streams-based I/O pipes.
Using a parameter value significantly larger than the number of PTYs is not
recommended. nstrpty is used when creating data structures in the kernel to
support those streams-based PTYs, and an excessively large value wastes
kernel memory space.

npty limits the number of the following structures that can be used by the
pseudo-teletype driver:

nstrtel specifies the number of kernel data structures that are created at
system boot time that are required to support the device files used by
incoming telnet sessions on a server. This number should match the number of
device files that exist on the system. If the insf command or SAM is used to
create more telnet device files, the value of nstrtel must be increased
accordingly or the device files cannot be used because there are no kernel
data structures available for communicating with the system.

Select a value for nstrtel that is equal to or greater than the number of
telnet device files on the system. Selecting a value that exceeds the number
of device files actually existing on the system wastes the memory consumed
by extra data structures, but it may be justified if you are planning to add
more device files.

So as you can see, at least the npty and the nstrtel would need to match.
This will allow at least the same amount of telnet sessions as device files.
In other words this will give you your actual telnet sessions allowed.

Hope this helps!

Thanks!

Darrick Schuch

Bernie Vande Griend · ‎10-11-2001

Also, just to clarify:

nstrtel did not exist in 10.20, it came about in 11.0.

So if you're using 10.20 do not worry about nstrtel.

Ye who thinks he has a lot to say, probably shouldn't.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: how do u limit the no of telnet sessions

how do u limit the no of telnet sessions