[systemd-devel] systemd and sshd.socket/sshd at .service
Lennart Poettering
lennart at poettering.net
Wed Mar 16 18:32:24 PDT 2011
On Thu, 17.03.11 02:21, Mirco Tischler (mircotischler at gmx.net) wrote:
> >> Ok. I'm add corresponding params to kernel cmdline. After sometime i
> >> get on screen messages like in attached image
> > Your sshd seems to return exit with a non-zero exit code just indicating
> > a failure of some kind. use "ExecStart=-/foo/bar" instead of
> > "ExecStart=/foo/bar" to spawn a process and ignore if it fails.
> >
> > Lennart
> >
> The most likely failure here is an authentication failure. sshd exits
> with exit code 254(afair) in that case if in inet mode. This caused the
> very same problem (sshd.socket shutting down) for me on a machine that
> was accessable from the internet where I get a few hundred failed login
> attempts per day.
I think it is probably wise to use ExecStart=- on all instantiated
socket services. Since failed services are not GC'ed you might otherwise
end up collecting up quite a number of failed sshd@ instances until the
limit is reached and further clients will be refused.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list