Re: 64_bit SSH

From: Burak Bilen (bilen_at_metu.edu.tr)
Date: 07/08/04

  • Next message: Darren Tucker: "Re: Disable SFTP/SCP but not SSH?" 
    Date: Thu, 08 Jul 2004 10:05:41 +0300
To: Bill Kirn <kirn1@sugar-land.oilfield.slb.com>

      In AIX, you can change the "Maximum number of FIXED licenses" which
    affects the maximum number of users that can login to the system
    concurrently.
    I am not much familiar with HP, but there can be a similar setting which
    may be changed using the HP's SAM tool.

    Bill Kirn wrote:

    >
    > To whomever -
    > I have a client who has an HP 11i system presently running
    > ssh3.7.1p2/ssl9.7c. They are going to
    > replace the 'telnet' connections with all SSH. The problem that
    > they are seeing is that SSH stops
    > allowing connections when it reaches 232 concurrent connections.
    > They will require 300+ under
    > production. The system has 20GB of memory and 12GB free when SSH
    > stops allowing connections.
    > The SSH running is 32-bit SSH/SSL. So, I'm trying to create a
    > 64-bit version. I have gotten SSL to
    > to compile 9.7d for 64-bit, but SSH errors when running
    > 'configure' stating that the /usr/local/ssl/lib/libcrypto.a
    > file is a "64-bit PA archive library (Mismatched ABI)". My
    > question, is there a way to compile SSH to be 64-bit?
    > Or is there a way to use the 32-bit but increase the number of
    > concurrent connections. In the ssd_config
    > file, the MaxStartups param is commented out(#). It was set at
    > 10:30:60. Any help in this would be
    > appreciated.
    >
    > Thanks in advance...Bill Kirn, Schlumberger HP Admin, NAM Data Center,
    > Sugar Land, Texas

  • Next message: Darren Tucker: "Re: Disable SFTP/SCP but not SSH?"

    Relevant Pages

    • Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --
      ... reduction of brute force login attempts via SSH through iptables --hashlimit ... out why my first attempts at using the hashlimit functionality in iptables ... against legitimate SSH connections, unless someone spoofs a very large ...
      (Full-Disclosure)
    • Re: Looking for program that emails me when dhcp addr changes
      ... For SSH all you need forwarded is TCP Port 22... ... >>participate in TCP connections or UDP conversations it initiates but ...
      (comp.security.ssh)
    • Re: ssh disconnecting [WAS: Getting Cut-Off]
      ... I left an SSH connection open to my server last night, ... after unexpecteded termination of previous connections. ... >>I didn't think my connection was idle since file transfer was occuring, ...
      (freebsd-questions)
    • Re: SSH login takes very long time...sometimes
      ... to open many connections is probably not that important, ... These were different types of attacks, primarily originating from single IP addresses: ... but had the worst impact on the ssh availability. ... So the best option for me was to implement a log analyzer script placing temporary blocks on the firewall when necessary. ...
      (freebsd-stable)
    • Re: Looking for program that emails me when dhcp addr changes
      ... > LA> Neither my ssh info or man route says mentions about how to ssh in ... >participate in TCP connections or UDP conversations it initiates but ... >The sheer ugliness of NAT is breathtaking. ... Any other connections besides port 22 I need to address? ...
      (comp.security.ssh)