Linux + Ssh Limitation + Ssh at The Same Time from Multiple Machine to One Machine

Have you set the MaxSessions and MaxStartups in your sshd.conf (or equivalent)? 40 simultaneous SSH connections should not, I believe, be too many for your server to handle.

From man sshd_config page:

MaxSessions
    Specifies the maximum number of open sessions permitted per network connection. The default is 10.

MaxStartups
    Specifies the maximum number of concurrent unauthenticated connections to the SSH daemon. Additional connections will be dropped until authentication succeeds or the LoginGraceTime expires for a connection. The default is 10.

    Alternatively, random early drop can be enabled by specifying the three colon separated values “start:rate:full” (e.g. "10:30:60"). sshd(8) will refuse connection attempts with a probability of “rate/100” (30%) if there are currently “start” (10) unauthenticated connections. The probability increases linearly and all connection attempts are refused if the number of unauthenticated connections reaches “full” (60).

If you haven't changed these, your server won't handle more than 10 simultaneous connections.

Similar question (serverfault.com).
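An added example, not part of the answer above and not OpenSSH's own code: it evaluates the MaxStartups rule quoted from the man page, giving the refusal chance at a given number of unauthenticated connections and the expected refusals for a burst such as the 40 simultaneous clients mentioned. The function names, the integer-percent rounding and the burst model (every client connects before any one authenticates) are assumptions made for illustration.

```python
# Added example: refusal odds implied by an sshd_config MaxStartups value.
# Follows the man page text quoted above; rounding and burst model are assumptions.

def parse_max_startups(spec):
    """Return (start, rate, full) from 'N' or 'start:rate:full'."""
    parts = [int(p) for p in spec.strip().split(":")]
    if len(parts) == 1:
        # Plain number: hard cutoff, everything at or above N is dropped.
        start, rate, full = parts[0], 100, parts[0]
    elif len(parts) == 3:
        start, rate, full = parts
    else:
        raise ValueError("expected 'N' or 'start:rate:full': %r" % spec)
    if full < 1 or start > full or not 1 <= rate <= 100:
        raise ValueError("invalid MaxStartups value: %r" % spec)
    return start, rate, full


def refusal_percent(spec, unauthenticated):
    """Percent chance that a new connection is refused at this backlog."""
    start, rate, full = parse_max_startups(spec)
    if unauthenticated < start:
        return 0
    if unauthenticated >= full or rate == 100:
        return 100
    # Linear ramp from rate% at 'start' up to 100% at 'full'.
    return rate + (100 - rate) * (unauthenticated - start) // (full - start)


def expected_refused(spec, burst):
    """Expected refusals when 'burst' clients connect before any of them
    authenticates (constructed worst case, e.g. 40 parallel ssh jobs)."""
    dist = {0: 1.0}  # pending unauthenticated count -> probability
    refused = 0.0
    for _ in range(burst):
        nxt = {}
        for pending, prob in dist.items():
            p = refusal_percent(spec, pending) / 100.0
            refused += prob * p
            nxt[pending] = nxt.get(pending, 0.0) + prob * p
            nxt[pending + 1] = nxt.get(pending + 1, 0.0) + prob * (1 - p)
        dist = nxt
    return refused


if __name__ == "__main__":
    # Constructed sample settings, not taken from any real server.
    for spec in ("10", "10:30:60", "50:30:100"):
        print(spec, [refusal_percent(spec, n) for n in (5, 10, 35, 60)],
              round(expected_refused(spec, 40), 1))
```

Setting the start value above the largest burst you expect from legitimate clients keeps those clients out of the random-drop range while still capping unauthenticated connections at the full value.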

deny parallel ssh connection to server for specific host / IP

Maybe try using limits.conf to enforce a hard limit of 1 login for the user/group.

You might need a periodic cron job to check for and remove any stale logins.

Locks/mutexes are hard to get right and add complexity. Limits.conf is a standard feature of most unix/linux systems and should be more reliable, emphasis on should...

A similar question was raised here:
https://unix.stackexchange.com/questions/127077/number-of-ssh-connections-on-a-single-linux-machine

Details here:
http://linux.die.net/man/5/limits.conf

How to prevent multiple connections in SSH?

You can set a max # of log-ins in /etc/security/limits.conf (for a user or group).

If you need an example:

# Run as root. The group must exist before useradd -G can reference it.
groupadd loginrestriction
echo "@loginrestriction  -  maxlogins 4" >> /etc/security/limits.conf
echo "username - maxlogins 1" >> /etc/security/limits.conf
useradd -G loginrestriction a_username

How can I limit the rate of new outgoing ssh connections when using GNU parallel?

I think we need a 'spawn at most this many jobs per second per host' option for GNU Parallel. It would probably make sense to have the default work for hosts with MaxStartups = 10:30:60, fast CPUs, but with 500 ms latency.

Can we discuss it on parallel@gnu.org?

Edit:

--sshdelay was implemented in version 20130122.

ssh + ssh is stuck on remote machine

I'd suggest something rather different -- instead of having a fixed delay between instances, having a fixed maximum number of instances to run at a time. For instance, with that value at 25:

numprocs=25
timeout=5
xargs -P "$numprocs" -J '{}' -n 1 -- \
perl -e 'alarm shift; exec @ARGV' -- "$timeout" \
ssh -nxaq -o ConnectTimeout=5 -o StrictHostKeyChecking=no '{}' /tmp/reboot.sh \
<hostnames # if a file; use < <(awk ...) if a script providing per-line info

Note that -J {} is an extension which avoids bugs implicit in the specification for the (standards-mandated) -I {} xargs behavior. If it's not available, -I '{}' can be used instead -- but do read the man page to understand caveats.

What is the cleanest way to ssh and run multiple commands in Bash?

How about a Bash Here Document:

ssh otherhost << EOF
ls some_folder;
./someaction.sh 'some params'
pwd
./some_other_action 'other params'
EOF

To avoid the problems mentioned by @Globalz in the comments, you may be able to (depending what you're doing on the remote site) get away with replacing the first line with

ssh otherhost /bin/bash << EOF

Note that you can do variable substitution in the Here document, but you may have to deal with quoting issues. For instance, if you quote the "limit string" (i.e. EOF in the above), then you can't do variable substitutions. But without quoting the limit string, variables are substituted. For example, if you have defined $NAME above in your shell script, you could do

ssh otherhost /bin/bash << EOF
touch "/tmp/${NAME}"
EOF

and it would create a file on the destination otherhost with the name of whatever you'd assigned to $NAME. Other rules about shell script quoting also apply, but are too complicated to go into here.


