On Thu, Jun 30, 2011 at 03:50:30AM +0800, Emmanuel Noobadmin wrote:
I was having problems with the same server locking up to the point I can't even get in via SSH. I've already used HTB/TC to reserve bandwidth for my SSH port but the problem now isn't an attack on the bandwidth. So I'm trying to figure out if there's a way to ensure that SSH is given cpu and i/o priority.
As you've probably figured out, the short answer is no. There are sometimes workarounds, of course.
Since I'm not the only person who face problems trying to remotely access a locked up server, surely somebody must had come up with a solution that didn't involve somebody/something hitting the power button?
In addition to the suggestions already made, one possibility is to attach a serial console or IP KVM. Logging in may still be awful, but at least you won't have to go through sshd. I've been able to log in through a serial getty when sshd was not responding or taking too long (this works maybe 50-75% of the time; the rest of the time it's too late, and even getty is unresponsive). You have the added advantage of being able to log in directly as root if you have PermitRootLogin no in your sshd_config.
If your I/O problem is due to running out of memory and thrashing swap, you can try to be more aggressive with the OOM killer settings.
As someone else mentioned, it might help if you elaborated on "locked up". What are the common scenarios you see?
--keith