pam_limits and OpenSSH

Adam McKenna adam-openssh at flounder.net
Thu Sep 6 05:33:14 EST 2001


On Wed, Sep 05, 2001 at 10:08:44AM -0700, Adam McKenna wrote:
> On Wed, Sep 05, 2001 at 09:17:25AM -0500, mouring at etoh.eviladmin.org wrote:
> > 
> > I suggest you try OpenSSH 2.9p2 release
> 
> This is still a problem with 2.9p2.  If the user's nproc limit is set (in
> /etc/security/limits.conf) to less than around 35, they will not be able to
> login with SSH.

Just checked on Debian unstable, if nproc (soft limit) is less than 53 this 
doesn't work with OpenSSH 2.9p2-3:

adam at maguro:~$ grep adam2 /etc/security/limits.conf 
adam2 soft nproc 52
adam at maguro:~$ ssh adam2 at localhost
adam2 at localhost's password: 
Received disconnect from 127.0.0.1: 2: fork failed: Resource temporarily
unavailable

adam at maguro:~$ grep adam2 /etc/security/limits.conf 
adam2 soft nproc 53
adam at maguro:~$ ssh adam2 at localhost
adam2 at localhost's password: 
[motd]
adam2 at maguro:~$ 

adam at maguro:~$ dpkg -l ssh
ii  ssh            2.9p2-5        Secure rlogin/rsh/rcp replacement (OpenSSH)
adam at maguro:~$ ssh -V
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f

The strace of the sshd process (strace -f -p <sshd_pid>) is available at
http://flounder.net/sshd.log 

Thanks,

--Adam



More information about the openssh-unix-dev mailing list