ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

sshd childs hangs after blocking

https://mail.forum.configserver.com/viewtopic.php?t=8014

Page 1 of 1

sshd childs hangs after blocking

Posted: 04 Aug 2014, 08:36
by dmtr
i use csf v7.07.
i got a lot of processes like these:

Code: Select all

root      9164  0.0  0.0 101236  4084 ?        Ss   Aug01   0:00 sshd: root [priv]
sshd      9165  0.0  0.0  67992  1652 ?        S    Aug01   0:00 sshd: root [net] 
root     10412  0.0  0.0 101104  3796 ?        Ss   Aug02   0:00 sshd: unknown [priv]
sshd     10414  0.0  0.0  67992  1740 ?        S    Aug02   0:00 sshd: unknown [net]
root     10439  0.0  0.0 101236  4088 ?        Ss   Aug03   0:00 sshd: root [priv]
sshd     10440  0.0  0.0  67992  1656 ?        S    Aug03   0:00 sshd: root [net]
i investigated this issue and found that processes are frozen when blocking IP after ssh false logins.
as result we got "hanged" ESTABLISHED connection:

Code: Select all

tcp        0      0 107.6.145.75:22             188.40.170.149:24746        ESTABLISHED 28164/sshd
and iptables rules:

Code: Select all

      12     2352 DROP     all  --  !lo    *       188.40.170.149       0.0.0.0/0           reject-with icmp-port-unreachable 
      12     2688 DROP     all  --  *      !lo     0.0.0.0/0            188.40.170.149      reject-with icmp-port-unreachable
but sshd shouldn't hang after blocking. Is it known issue? Solutions?

Re: sshd childs hangs after blocking

Posted: 12 Aug 2014, 15:21
by inawire
I'm having the same issue. Same version of csf. I'm on CentOS 6.5.

I think it something to do with my SSH config and keepalive. I'm still looking into a solution but I don't this this is a csf issue, just my ssh setup.

Here is one link I'm looking at for help:
http://unix.stackexchange.com/questions ... ork-in-ssh

I my research, my 'hung' sshd's were all blocked by csf (as by design) but I don't think the sshd knows that and is keeping the conection open. I think "ServerAlive" will help solve this.

Re: sshd childs hangs after blocking

Posted: 17 Jan 2017, 15:01
by SeasonM
Does anyone have a fix for this?

For now I have wrote a script to kill off the dead SSH connections. I could also reconfigure MaxStartups but I feel like the problem shouldn't be happening in the first place.

Any advice appreciated...

csf v9.28, RHEL 7.3
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited