Re: Help request: problems with a 5.1 server and large numbers of ssh users.

From: Jamie Clark <jclark_at_metaparadigm.com>
Date: Fri, 21 Nov 2003 09:19:02 +0800
Tim Kientzle wrote:

> Try an 'fstat' when connections start getting dropped.
> I wonder if something (PAM module, maybe?) is opening a
> file on each connection and you're running out of per-process
> file descriptors.

A similar thing happened here - although it wasn't sshd at fault. Len 
mentioned using ldap authentication.

nss_ldap and/or pam_ldap are use TCP connections to connect to the LDAP 
server. In my case there was another big consumer of persistent ldap 
connections that caused slapd to reach its default 1024 descriptor limit 
(which required a compile-time adjustment). Found this by tracing the 
master slapd process.

-Jamie
Received on Thu Nov 20 2003 - 16:19:27 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:30 UTC