Find the answer to your Linux question:
Results 1 to 7 of 7
Like Tree1Likes
  • 1 Post By Rubberman
Hello, i setup proxy on my VPS according to this manual and quite often i started to see this process on the top of processlist Code: ssh -p XX -f ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    322

    My proxy thread takes alot of resources? How to track cause?


    Hello, i setup proxy on my VPS according to this manual and quite often i started to see this process on the top of processlist

    Code:
    ssh -p XX -f -N -D 0.0.0.0:1080 localhost


    Also the proxy stopped working, cant connect websites thru it, works some little time after reboot but then fails

    So im curious which logs or things i need to lookup. i went thru /var/log but no ssh file, no suspicious things.

    thx
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  2. #2
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,558
    And you are using ssh to connect to your local system because?

    FWIW, your mysqld processes seem to be consuming excessive CPU, as does your web server (httpd). Is this a heavily accessed web server? Also, what are you using mysql for?

    As an aside, I use mysql to store data from 100's of servers, and many, many thousands of inserts per second, and it is rare that it takes over 10% of a single CPU.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  3. #3
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    322
    Not solved: i dont asked about mysql or load issue, rather debugging why load of ssh process is so high. i use this to access this server from my home computer and proxy traffic that way.
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  4. #4
    Linux Engineer docbop's Avatar
    Join Date
    Nov 2009
    Location
    Woodshed, CA
    Posts
    941
    Quote Originally Posted by Rubberman View Post
    And you are using ssh to connect to your local system because?

    FWIW, your mysqld processes seem to be consuming excessive CPU, as does your web server (httpd). Is this a heavily accessed web server? Also, what are you using mysql for?

    As an aside, I use mysql to store data from 100's of servers, and many, many thousands of inserts per second, and it is rare that it takes over 10% of a single CPU.
    From reading other posts he's got a boatload of stuff in cron, so he could be getting killed with context switching.
    A lion does not lose sleep, over the opinion of sheep.

  5. #5
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,558
    Quote Originally Posted by postcd View Post
    Not solved: i dont asked about mysql or load issue, rather debugging why load of ssh process is so high. i use this to access this server from my home computer and proxy traffic that way.
    AFAIK, the only reason ssh processes would use more than minimal resources would because someone is trying to pwn you with a ddos attack. You might want to limit your LoginGraceTime setting in /etc/ssh/sshd_config. The default of 2 minutes is often a problem in such cases. My own security scans note this is a "medium" security issue. Anything above "low" is a problem as far as I'm concerned.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

  6. #6
    Linux User postcd's Avatar
    Join Date
    Apr 2011
    Posts
    322
    Quote Originally Posted by Rubberman View Post
    ...someone is trying to pwn you with a ddos attack...
    thx for idea, i have this:
    #LoginGraceTime 2m
    PermitRootLogin yes
    #StrictModes yes
    #MaxAuthTries 6
    so you mean i should uncomment all these lines?
    "Avoid the Gates of Hell. Use Linux affordable VPS."

  7. #7
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, in Chicago, or in a galaxy far, far away.
    Posts
    11,558
    Uncomment them, yes - setting LoginGraceTime to 30 seconds or less (time to input password), and MaxAuthRetries to 3 or 4. IE, if they don't authenticate in 3 or 4 attempts, lock them out for some period of time. I don't know off-hand what the timeout is, but it will keep the blackhats away for the most part. You can also configure ssh to require the use of an SSL private key, and no password. That can be a self-signed key if you wish, and the public part will be in ~/.ssh/known_hosts. We do that to access our AWS cloud servers. No key, no access.
    postcd likes this.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •