Mrtg log file not updating speed dating in reading
Erase everything from your protocol 1 installations (the old ssh binaries, /etc/ssh*), do not try to be backwards compatible, avoid the old HOWTOs and go buy # This is ssh server systemwide sshd_config Port 22 #Protocol 2,1 Listen Address 0.0.0.0 #Listen Address :: Host Key /usr/local/etc/ssh_host_key Server Key Bits 768 Login Grace Time 600 Key Regeneration Interval 3600 Permit Root Login yes #Permit Root Login without-password # # Don't read ~/.rhosts and ~/.shosts files Ignore Rhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for Rhosts RSAAuthentication #Ignore User Known Hosts yes Strict Modes yes X11Forwarding no X11Display Offset 10 Print Motd yes Keep Alive yes # Logging Syslog Facility AUTH Log Level INFO #obsoletes Quiet Mode and Fascist Logging Rhosts Authentication no # # For this to work you will also need host keys in /usr/local/etc/ssh_known_hosts #Rhosts RSAAuthentication no Rhosts RSAAuthentication yes # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here!Password Authentication yes #Permit Empty Passwords no Permit Empty Passwords yes # Uncomment to disable S/key passwords #Skey Authentication no #Kbd Interactive Authentication yes # To change Kerberos options #Kerberos Authentication no #Kerberos Or Local Passwd yes #AFSToken Passing no #Kerberos Ticket Cleanup no # Kerberos TGT Passing does only work with the AFS kaserver #Kerberos Tgt Passing yes Check Mail no #Use Login no # Uncomment if you want to enable sftp #Subsystem sftp /usr/local/libexec/sftp-server #Max Startups If you install sshd and generate the host keys for the realservers using the default settings, you'll get a working LVS'ed sshd. The default sshd listens to 0.0.0.0 and you will have generated host keys for a machine whose name corresponds to the RIP (and not the VIP).Since the client will be displaying a prompt with the name of the realserver (rather than the name associated with the VIP) this will work just fine.However the client will get a different realserver each connection (which is OK too) and will accumulate keys for each realserver.The problem is that what the user thinks is a clean exit and what the sshd thinks are a clean exit, may be different things.(There is a similar problem on a webserver, which is running a process invoked by a cgi script, when the client disconnects by clicking to another page or hitting "stop").Shivaji Navale On our realservers, after the users have logged out of their ssh session, zombie processes run at high load average in the background. The ssh connection to the director doesnt get closed even after ctrl-D. I use ipvs to load balance ssh and I do use persistence (and my users are happy with it -- in fact they asked me to do so).
If instead you want the client to be presented with one virtual machine, you will need each machine to have its hostname being the name associated with the VIP, the sshd will have to listen to the VIP (if LVS-DR, LVS-Tun) and the hostkeys will have to be generated for the name of the VIP.The user must exit cleanly from their ssh session, or the realserver will be left running the ssh invoked process at high load average.