| 1 |
You can also restart ssh from webmin... had to do that on at least one |
| 2 |
occasion. |
| 3 |
|
| 4 |
b |
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
Joey wrote: |
| 9 |
> John Barton wrote: |
| 10 |
> |
| 11 |
>> |
| 12 |
>>> |
| 13 |
>>> I don't think that will work in this case. The master SSH daemon |
| 14 |
>>> doesn't die. It is the new ones that are launched when a connection |
| 15 |
>>> is made that are looking for old libraries that causes the problem, |
| 16 |
>>> AFAIK. |
| 17 |
>>> |
| 18 |
>> monit has the ability to "speak" certain protocols, ssh being one of |
| 19 |
>> them, so it might still help. If a successful connection is never |
| 20 |
>> made, then monit should be able to tell and restart the dameon anyway. |
| 21 |
>> It has a lot more functionality then just checking to make sure a port |
| 22 |
>> is open or the master process is running... |
| 23 |
> |
| 24 |
> |
| 25 |
> John Barton wrote: |
| 26 |
> |
| 27 |
>> |
| 28 |
>>> |
| 29 |
>>> I don't think that will work in this case. The master SSH daemon |
| 30 |
>>> doesn't die. It is the new ones that are launched when a connection |
| 31 |
>>> is made that are looking for old libraries that causes the problem, |
| 32 |
>>> AFAIK. |
| 33 |
>>> |
| 34 |
>> monit has the ability to "speak" certain protocols, ssh being one of |
| 35 |
>> them, so it might still help. If a successful connection is never |
| 36 |
>> made, then monit should be able to tell and restart the dameon anyway. |
| 37 |
>> It has a lot more functionality then just checking to make sure a port |
| 38 |
>> is open or the master process is running... |
| 39 |
> |
| 40 |
> |
| 41 |
> I too occasionally experience losing ssh connection, so I was wondering |
| 42 |
> if anybody have tried this idea; |
| 43 |
> keeping a separate copy of statically compiled SSHd activated by |
| 44 |
> portknock? |
| 45 |
> The purpose is to have a backup ssh that will work even if updates |
| 46 |
> causes the main ssh to |
| 47 |
> malfunction. |
| 48 |
> |
| 49 |
> The problem with using utilities to auto-restart crashing daemon is |
| 50 |
> that in case the crash was |
| 51 |
> caused by a miss in an attempted attack or exploit, the cracker gets |
| 52 |
> unlimited retries. |
| 53 |
> Besides auto-restart won't help if the problem is with the library. |
| 54 |
> |
| 55 |
> -Joey |
| 56 |
> |
Archives