2
I’m having a little problem with the SSH of one of the company’s servers. The problem is that I am using a monitoring software called Nagios, and as the use of some other way of checking, such as NRPE, requires the installation of several packages that I prefer not to install, since the server is dedicated, I decided to use SSH checking. I created an access key, so Nagios itself do the SSH access and collect the information and it worked out all right. Now that the problem appears. Every time I activate the checks on this server, it checks everything normal, but when it goes to do the sixth consecutive check, my IP is banned and gives timeout, so I have to go on another server, jump to it and unblock my IP, but as soon as Nagios will make the checks the IP is already banned again.
You see, the problem is not in the access key that I created, because it works normally, even when I test with the command below:
sudo -u nagios ssh nagios@servidor
Or with the Nagios plugin itself:
sudo -u nagios ./check_by_ssh -l nagios -H <ip-do-servidor> -C "<comando>"
The question is the number of times that soon. So I noticed, after 5 consecutive logins, in the sixth he already Bane my IP.
To make sure it wasn’t exclusive only to Nagios, I made 5 consecutive accesses via terminal on the server and the sixth blocked as well. The answer on the sixth access is this:
ssh: connect to host <server>.<domain> port <port-number>: Connection timed out
Are there any SSH settings, perhaps in /etc/ssh/sshd_config or /etc/ssh/ssh_config, that allow you to configure the allowed number of consecutive successful logins? Something like maxretry and bantime?
I don’t know any restrictions of this type of SSHD. Could you post SSHD log messages? Especially disconnection and error messages.
– Vinícius Gobbo A. de Oliveira
@Thiagomartins, I believe this link can help you: http://z9.io/2008/12/10/how-to-fix-ssh-timeout-problems/
– Fellipe Soares