sshit runs out of semaphores

Greg Larkin glarkin at
Tue Dec 2 05:25:26 PST 2008

Hash: SHA1

DA Forsyth wrote:
> Hiya
> I recently started (trying) to use sshit to filter the many brute 
> force sshd attacks.
> However, it has never worked on my box.  FreeBSD 7.0 p1.
> This morning it would only give a message (without exiting)
>    Could not create semaphore set: No space left on device
>     at /usr/local/sbin/sshit line 322
> Every time it gets stopped by CTRL-C it leaves the shared memory 
> behind, allocated.
> I am going to reboot later and double the number of semaphores (in 
> loader.conf).
> I am running hobbit which uses 8, leaving only 2 free.  This may 
> solve this issue, but I'd appreciate any ideas and experienced 
> advice.
> A side issue is that sshit will only filter rapid fire attacks, but I 
> am also seeing 'slow fire' attacks, where an IP is repeated every 2 
> or 3 hours, but there seem to be a network of attackers because the 
> name sequence is kept up across many incoming IP's.  Is there any 
> script for countering these attacks?
> If not I'll write one I think.
> --
>        DA Fo rsyth            Network Supervisor
> Principal Technical Officer -- Institute for Water Research

Hi DA,

I previously used sshit to defend against SSH brute-force attacks but
never saw the semaphore problem that you reported.

However, I recently switched to sshguard for other reasons, and it has
worked well for defending against both high-speed and slow-speed
attacks.  You can get more information here:

Hope that helps,
- --
Greg Larkin       - The Power To Serve - Ready. Set. Code.
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla -


More information about the freebsd-questions mailing list