On Fri, 20 Apr 2001, John Wolford wrote:
> I have a question that might be off-topic for this list, but then
> again maybe not.
Probably mildly so. Comp.unix.programmer is a good spot for questions
like this.
> How can i tell if a given sshd process is serving
> ssh? Other than trying to connect to it, that is.
sshd is always serving ssh, in some sense. The main daemon is listening
for new ssh connections, and the spawned daemons are servicing existing
connections.
It sounds like you're trying to make sure that there is an sshd actually
listening, regardless of whether there are sshds servicing connections.
> running on a box, and there is a script watching to make sure that
> it's running. But if someone logs in via ssh, another sshd process
> gets spawned for that connection. If that person were to somehow kill
> the sshd server process (the parent of the spawned sshd) then s/he
> could continue on with the connection but nobody else would be able to
> get in. The watchdog would not know this because it would see a sshd
> in the process list, which is all it is checking for. But i would like
There are a number of ways to approach this.
The first thing I usually think when anyone talks about a watchdog process
is "why not use init"? For something this simple, a respawn entry in
inittab may be all you need.
If your watchdog script needs to do something more complicated than that
(logging, e-mailing if something goes wrong, etc.), then you should
basically do what init does - spawn sshd and wait() for it. You'll want
to use something other than a shell script for this - perl, python, or C
can all do this easily.
If you're really stuck on pure shell scripting, you can either keep track
of the listener-sshd's PID and check for that, or you can grep the output
of netstat -l and make sure something is listening for ssh. There are
probably other ways to check, but these seem easiest.
Now on to the harder question. Why do you need to do this? Sshd is
quite stable, and shouldn't need more of a watchdog than any other server.
Are you experiencing problems with sshd dieing? If so, those should be
tracked down and stomped. Users, of course, can't kill the listener
process unless they're root, in which case they can kill the watchdog too.
Generally, adding a layer of complexity without having a specific reason
is likely to cause more problems than it solves.
--
Mark Rafn [EMAIL PROTECTED] <http://www.dagon.net/>
