1 |
John Barton wrote: |
2 |
|
3 |
> |
4 |
>> |
5 |
>> I don't think that will work in this case. The master SSH daemon |
6 |
>> doesn't die. It is the new ones that are launched when a connection |
7 |
>> is made that are looking for old libraries that causes the problem, |
8 |
>> AFAIK. |
9 |
>> |
10 |
> monit has the ability to "speak" certain protocols, ssh being one of |
11 |
> them, so it might still help. If a successful connection is never |
12 |
> made, then monit should be able to tell and restart the dameon anyway. |
13 |
> It has a lot more functionality then just checking to make sure a port |
14 |
> is open or the master process is running... |
15 |
|
16 |
John Barton wrote: |
17 |
|
18 |
> |
19 |
>> |
20 |
>> I don't think that will work in this case. The master SSH daemon |
21 |
>> doesn't die. It is the new ones that are launched when a connection |
22 |
>> is made that are looking for old libraries that causes the problem, |
23 |
>> AFAIK. |
24 |
>> |
25 |
> monit has the ability to "speak" certain protocols, ssh being one of |
26 |
> them, so it might still help. If a successful connection is never |
27 |
> made, then monit should be able to tell and restart the dameon anyway. |
28 |
> It has a lot more functionality then just checking to make sure a port |
29 |
> is open or the master process is running... |
30 |
|
31 |
I too occasionally experience losing ssh connection, so I was wondering |
32 |
if anybody have tried this idea; |
33 |
keeping a separate copy of statically compiled SSHd activated by |
34 |
portknock? |
35 |
|
36 |
The purpose is to have a backup ssh that will work even if updates |
37 |
causes the main ssh to |
38 |
malfunction. |
39 |
|
40 |
The problem with using utilities to auto-restart crashing daemon is |
41 |
that in case the crash was |
42 |
caused by a miss in an attempted attack or exploit, the cracker gets |
43 |
unlimited retries. |
44 |
Besides auto-restart won't help if the problem is with the library. |
45 |
|
46 |
-Joey |