From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/1563 Path: news.gmane.org!not-for-mail From: Alex Efros Newsgroups: gmane.comp.sysutils.supervision.general Subject: Re: runit-1.8.0 available Date: Sun, 21 Oct 2007 01:20:51 +0300 Organization: asdfGroup Inc., http://powerman.asdfGroup.com/ Message-ID: <20071020222050.GD25023@home.power> References: <20070921111312.21004.qmail@fd7a06d4d91934.315fe32.mid.smarden.org> <20070922143724.GA1419@home.power> <20070924101904.17022.qmail@42aab7ded663c3.315fe32.mid.smarden.org> <20070926134623.GR21637@home.power> <20070929130351.GC18527@home.power> <20071006054923.GA1665@home.power> <20071013212754.GL1383@home.power> <20071016033818.GE18461@run.duo> <20071020195950.GB25023@home.power> <20071020221125.GC11413@run.duo> NNTP-Posting-Host: lo.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1192918860 22359 80.91.229.12 (20 Oct 2007 22:21:00 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Sat, 20 Oct 2007 22:21:00 +0000 (UTC) To: supervision@list.skarnet.org Original-X-From: supervision-return-1798-gcsg-supervision=m.gmane.org@list.skarnet.org Sun Oct 21 00:21:01 2007 Return-path: Envelope-to: gcsg-supervision@gmane.org Original-Received: from antah.skarnet.org ([212.85.147.14]) by lo.gmane.org with smtp (Exim 4.50) id 1IjMgl-00048d-VG for gcsg-supervision@gmane.org; Sun, 21 Oct 2007 00:21:00 +0200 Original-Received: (qmail 30391 invoked by uid 76); 20 Oct 2007 22:21:14 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 30385 invoked from network); 20 Oct 2007 22:21:14 -0000 Mail-Followup-To: supervision@list.skarnet.org Content-Disposition: inline In-Reply-To: <20071020221125.GC11413@run.duo> User-Agent: Mutt/1.5.16 (2007-06-09) Xref: news.gmane.org gmane.comp.sysutils.supervision.general:1563 Archived-At: Hi! On Sat, Oct 20, 2007 at 06:11:26PM -0400, George Georgalis wrote: > it sounds like a signal is not reaching init, SIGPIPE? PIPE? You mean CHLD? > The following sed to default sshd_config > s/.*PasswordAuthentication.*/PasswordAuthentication no/ > s/.*UsePam.*/UsePam no/ > will really cut back the impact of bad internet on public sshd port, > of course you will only be able to use keys (PKI/RSA) to connect. Yeah, this is my default ssh configuration. :) But ssh worms anyway try to connect (they doesn't know is senseless :)) and so ssh fork new processes for these connections and these processes become unreaped zombies at some point. -- WBR, Alex.