Welcome to WebmasterWorld Guest from 54.147.217.76

Forum Moderators: bakedjake

Message Too Old, No Replies

SSH Shell Speed and Priority for Root

Speed for when things go wrong

   
3:41 pm on Nov 19, 2006 (gmt 0)

WebmasterWorld Senior Member trillianjedi is a WebmasterWorld Top Contributor of All Time 10+ Year Member



I appreciate the security issues with this one (I use keys) but when things go wrong, say a DoS attack or locked application binding CPU or I/O, dealing with an unresponsive server is a nightmare.

So what would be ideal is to setup SSHd so that when a user logs into the Root account, the newly created shell is given a NICE priority schedule of -15 (or whatever you want).

I know that I can re-prioritise the shell following a login, but when it's running slow it's a nightware. I'd much prefer that automated.

Anyone know if this is possible? Ideally I do not want to prioritise user shells, just those belonging to root.

I tried re-scheduling SSHd itself to -15, but that doesn't seem to re-schedule its spawned shells.

Thanks!

TJ

5:43 pm on Nov 19, 2006 (gmt 0)

WebmasterWorld Senior Member jtara is a WebmasterWorld Top Contributor of All Time 5+ Year Member



Dunno if there is some configuration option for this or not.

But that is the beauty of open-source software! Download the source, find where the user shell is spawned, and change the priority. Better yet, add a command-line option, and contribute the change back to the source tree.

Oh, wait... isn't there a way to get sshd to run a command, rather than spawn a shell? You can do this on a per-user basis, I believe configured in sshd.conf. So, configure it to run a command that "nice's" a shell.

11:32 pm on Nov 19, 2006 (gmt 0)

WebmasterWorld Senior Member lammert is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I know that I can re-prioritise the shell following a login, but when it's running slow it's a nightware. I'd much prefer that automated.

Putting the command to change the priority in your .bash_profile or .bashrc file (or whatever configuration file your specific shell is reading during startup) might do the trick.