Help request: problems with a 5.1 server and large numbers of
ssh users.
Jamie Clark
jclark at metaparadigm.com
Thu Nov 20 17:19:27 PST 2003
Tim Kientzle wrote:
> Try an 'fstat' when connections start getting dropped.
> I wonder if something (PAM module, maybe?) is opening a
> file on each connection and you're running out of per-process
> file descriptors.
A similar thing happened here - although it wasn't sshd at fault. Len
mentioned using ldap authentication.
nss_ldap and/or pam_ldap are use TCP connections to connect to the LDAP
server. In my case there was another big consumer of persistent ldap
connections that caused slapd to reach its default 1024 descriptor limit
(which required a compile-time adjustment). Found this by tracing the
master slapd process.
-Jamie
More information about the freebsd-hackers
mailing list