Re: ssh issues with centos 6

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Feb 28, 2016, at 3:19 PM, William Warren <hescominsoon@xxxxxxxxx> wrote:
> 
> I have a new centos 6 install.

…on what?  A 64 MiB bargain basement VPS, an enterprise grade 32 GiB server, a reflashed network switch…?

> I have disabled motd in ssh

Why is that relevant?  That message likely contains less than 1 kiB of ASCII text, and isn’t held in RAM continuously anyway.

That feature is so unimportant with respect to memory usage that it was added to Unix back in the days when 1 kiB of RAM cost real money.

> i also had entropy problems

Specifically what problems?  How did you diagnose it, and why do you believe your solution is useful?

> so i enacted   rngd -r /dev/urandom -o /dev/random

That’s essentially bogus.  If /dev/random is blocking due to insufficient entropy, feeding false entropy in from urandom buys you nothing, other than to fool /dev/random into thinking it has more entropy than it actually does.  

On a typical Linux system, /dev/random and /dev/urandom get their entropy from the same source, so feeding pseudorandom numbers from one to the other is essentially lying to the kernel; it will get its revenge on you for that lie, eventually.

rngd is only useful when reading from a [P]RNG that the kernel isn’t already using for entropy, such as a hardware RNG.

> but did not stop the out of memory errors.

Why would it?  The kernel PRNG’s entropy pool has nothing to do with free RAM.

> I am seeing the below in the logs.  It only occurs during
> ssh file transfers.
> 
> Feb 28 17:18:19 web1 t of memory [13604]

Why is the message truncated?  That sounds like memory *corruption* to me, rather than memory exhaustion.

Are you seeing activity by the OOM killer?

  http://www.linuxdevcenter.com/pub/a/linux/2006/11/30/linux-out-of-memory.html

Are you dealing with software you wrote yourself, or only software that came with CentOS?  If the former, have you run it under valgrind?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux