[Bug 948] high CPU in sshd after tcp_wrappers deny
bugzilla-daemon at mindrot.org
Tue Feb 15 05:30:47 EST 2005
http://bugzilla.mindrot.org/show_bug.cgi?id=948
------- Additional Comments From atlunde at panix.com 2005-02-15 05:30 -------
Created an attachment (id=824)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=824&action=view)
corresponding syslog messages from ssh, tcp_wrappers, prngd
These are the messages in syslog from about the time that the ps output seems
to imply the high-cpu processes started. I ran egrep '20:01:3' on the log file.
This file gets messages from prngd, sshd, and tcp_wrappers. I note there's an
error from prngd (which I'm using as a random number source); could that be a
factor in the problem? (I'm using prngd because this server was an HP-UX box in
a previous life.)
The tcp_wrappers rules are first a number of exception rules of the form:

    sshd,in.ftpd: SOME_ADDRESS : rfc931 15 : keepalive : nice 1 : allow

where SOME_ADDRESS is an IP address, a DNS host address, or a domain
suffix (.foo.example.com) for which we want to allow traffic.

There's a generic allow rule for on-campus traffic:

    sshd: .ourdomain.edu : nice 1 : allow

Anything else falls through to a default deny rule:

    ALL: ALL : deny

Could the use of rfc931 lookups trigger problems?