Re: Help request: problems with a 5.1 server and large numbers of ssh users.

On Wed, Nov 19, 2003 at 09:26:10PM -0800, Len Sassaman wrote: >It is my intuition from this behavior that the sshd master process >listening for connections is unable to spawn a new process to complete >the authentication step, and thus the connection is being dropped. >There is no information o

Re: Help request: problems with a 5.1 server and large numbers of ssh users.

Tim Kientzle wrote: Try an 'fstat' when connections start getting dropped. I wonder if something (PAM module, maybe?) is opening a file on each connection and you're running out of per-process file descriptors. A similar thing happened here - although it wasn't sshd at fault. Len mentioned using

Re: Help request: problems with a 5.1 server and large numbers of ssh users.

Hmm. Well, it certainly sounds like a resource limit to me, especially if it's a nice round number like "150" or "300". However, I'm also having a bit of trouble seeing, off the top of my head, which limit it might be. It sounds like you've got the ones I would think of. A quick skim of sshd.c

Re: Help request: problems with a 5.1 server and large numbers of ssh users.

Len Sassaman wrote: The problem is that after about 150 users log in (300ish sshd sessions, since I am using privsep), incoming connections start getting dropped. That number (150) sounds awfully familiar; I feel like I've seen it somewhere recently. H Try an 'fstat' when connections sta

Re: Help request: problems with a 5.1 server and large numbers of ssh users.

On Thu, 20 Nov 2003, Ken Smith wrote: > On Thu, Nov 20, 2003 at 10:56:08AM -0500, Robert Watson wrote: > > > Hmm. Well, it certainly sounds like a resource limit to me, especially if > > it's a nice round number like "150" or "300". > > One possibility might be running out of pseudo-terminals

Re: Help request: problems with a 5.1 server and large numbers of ssh users.

On Thu, Nov 20, 2003 at 10:56:08AM -0500, Robert Watson wrote: > Hmm. Well, it certainly sounds like a resource limit to me, especially if > it's a nice round number like "150" or "300". One possibility might be running out of pseudo-terminals to support the login sessions. pty's are created as

Re: Help request: problems with a 5.1 server and large numbers of ssh users.

On Wed, 19 Nov 2003, Len Sassaman wrote: > It is my intuition from this behavior that the sshd master process > listening for connections is unable to spawn a new process to complete > the authentication step, and thus the connection is being dropped. There > is no information of use in dmesg, no

Help request: problems with a 5.1 server and large numbers of ssh users.

Hi folks, I have a problem, and I am unable to find previous discussions of it. Any pointers or clues would be much appreciated. I have a FreeBSD 5.1 server that needs to be able to handle several thousand simultaneous ssh sessions from distinct users. (I am using FreeBSD 5.1 because I need to