Count SSH sessions?

ssh linux

I sometimes find the following message in auth.log:

sshd[8888]: error: no more sessions

In sshd_config I have set "MaxStartups 300", and I shouldn't have nearly as many clients connecting concurrently. At busy times I guess that I could have about 50-60 concurrent connections which only lasts for a couple of seconds while up/downloading a small file over sftp.

I suspect that mayby some of the clients isnt't closing the connection as they should, and as the connections happen repeadiately and quite frequenty (each client connecting a few times per minute), it could be adding up over time. To troubleshoot this I want to be able to count the SSH sessions, but I cant think of any better way than to count the connections using netstat:

netstat -an | grep 123.456.789.abc:22 | wc -l

As this would be counting connections instead of sessions and I am unsure if there is a case where the session would live, but the connection is closed?

Is there any better way of counting the current connectins, or even better print the current state of all sessions?

Thanks in advance!


Solution 1:

MaxStartups governs the number of "concurrent unauthenticated connections" to sshd, not sessions as such. (If limit is violated, it starts dropping older connections)

If you haven't already provided an explicit value for MaxSessions, it will default to 10. (Perhaps that's what you actually meant you'd set?)

You can see the man page for sshd_config more details: http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5

I don't see that sshd itself has a facility for reporting stats of the type you're asking about (though I also didn't research it much, either.)

Regards, Sapp3r.

Solution 2:

[I realize this is a very old question but I'm adding this for posterity.]

The "no more sessions" message applies to multiplexed connections, not separate connections.

It appears to be #define'd at compile-time with MAX_SESSIONS for versions prior to 5.1, when the MaxSessions setting was introduced: http://www.openssh.com/txt/release-5.1

On RHEL5, at least, MAX_SESSIONS appears to have been increased to 20.

Related

iptables: what does "--src-type LOCAL" mean exactly?
Web Server Security Overkill?
Redundant OpenVPN connections with advanced Linux routing over an unreliable network
dnsmasq reading /etc/hosts, but not using it
How to send a message to a specific pts?
MySQL: Fatal error: Can't open and lock privilege tables: Table 'mysql.host' doesn't exist [closed]
How long should a RAID Reconfiguration take? (Adaptec 6805)
df reports wrong free space for an Ext4 partition
Completely silent robocopy
Is quoted-printable enough to make a mail compliant with the line-length-restriction posed in RFC 2822?
Does linux balance-rr (bond mode=0) work with all switches?
Secure way to mount a password protected cifs share in mac