[CentOS] ssh issues with centos 6

Mon Feb 29 22:07:03 UTC 2016
Warren Young <wyml at etr-usa.com>

On Feb 28, 2016, at 3:19 PM, William Warren <hescominsoon at gmail.com> wrote:
> I have a new centos 6 install.

…on what?  A 64 MiB bargain basement VPS, an enterprise grade 32 GiB server, a reflashed network switch…?

> I have disabled motd in ssh

Why is that relevant?  That message likely contains less than 1 kiB of ASCII text, and isn’t held in RAM continuously anyway.

That feature is so unimportant with respect to memory usage that it was added to Unix back in the days when 1 kiB of RAM cost real money.

> i also had entropy problems

Specifically what problems?  How did you diagnose it, and why do you believe your solution is useful?

> so i enacted   rngd -r /dev/urandom -o /dev/random

That’s essentially bogus.  If /dev/random is blocking due to insufficient entropy, feeding false entropy in from urandom buys you nothing, other than to fool /dev/random into thinking it has more entropy than it actually does.  

On a typical Linux system, /dev/random and /dev/urandom get their entropy from the same source, so feeding pseudorandom numbers from one to the other is essentially lying to the kernel; it will get its revenge on you for that lie, eventually.

rngd is only useful when reading from a [P]RNG that the kernel isn’t already using for entropy, such as a hardware RNG.

> but did not stop the out of memory errors.

Why would it?  The kernel PRNG’s entropy pool has nothing to do with free RAM.

> I am seeing the below in the logs.  It only occurs during
> ssh file transfers.
> Feb 28 17:18:19 web1 t of memory [13604]

Why is the message truncated?  That sounds like memory *corruption* to me, rather than memory exhaustion.

Are you seeing activity by the OOM killer?


Are you dealing with software you wrote yourself, or only software that came with CentOS?  If the former, have you run it under valgrind?