Why does ssh try to run df, netstat, arp ...?
Andrew Stribblehill
a.d.stribblehill at durham.ac.uk
Sat Nov 18 00:32:17 EST 2000
Quoting Nico De Ranter <nico at sonycom.com>:
> Howdy,
>
> I recently had a problem with one of our servers (crashed due to power
> failure :-). While this shouldn't have been a problem for most
> of the workstations and servers on the network I noticed that I
> wasn't able to use ssh anymore. Ssh would simply hang during the connection.
> rsh and telnet however were able to connect without problem so there
> was no problem with the destination or the environment of the user.
> I noticed that for some strange reason ssh tries to run arp, netstat and df
> during the connection (I can understand the use of arp and netstat but why on
> earth df). Unfortunately df blocks when it tries to measure the size
> of a filesystem which is mounted (e.g. by automount) but unavailable (since
> the server crashed) I guess this is the reason why the ssh connection
> failed. Ofcourse having my whole network unreachable by ssh just because
> one server goes down is totaly unacceptable (I might as well start using
> Windows). How can I turn this behaviour off or can anybody give me a
> really really good reason why ssh would need df?
ssh and sshd need to get some randomness into their system
somehow. For machines with a /dev/random, this is easy. However,
the way ssh gets round it with less pleasant systems, is that it
runs a set of commands whose output varies, hopefully from one
execution to the next.
You can find the file containing these commands in
/etc/ssh_prng_commands. Simply remove the offending lines.
Cheerio,
Andrew Stribblehill
Systems programmer, IT Service, University of Durham, England
More information about the openssh-unix-dev
mailing list