Prioritise ssh logins (nice)

Is there a preferred way to set "nice" for sshd?

I need priority given to sshd such that I can login and easily fix stuff when something has gone wrong (eg DoS, badly behaved processes, etc)

Solution 1:

You can give your preferred user account or user group a nice value in /etc/security/limits.conf, at least if we are talking about Linux. Then when you login via sshd, you will have nice value of X, whatever you set it.

In my experience the CPU scheduler in kernel is nowadays so good it's hard to make server unmanageably sluggish just by burning CPU cycles, shell will usually respond in reasonable time.

If your server struggles to respond to you via ssh, then it most likely is swapping itself to death. Everything starts to take ages if server consumes all its time for swapping pages in and out of memory to disk.

That's why better approach is to set up cgroups, so your user always have some spare CPU cycles / memory / other resources left. As said by viqrto, it may or may not help.

Solution 2:

You need to limit the number of processes(threads). Most of the demon has its own settings. Apache for example. Then the scheduler will always allocate an appropriate amount of CPU time for SSH servers.

cpulimit or cgroup can limit the cpu usage of a process. This may help, but it may not