Reload /etc/security/limits.conf

limits pam

Grrr....

UseLogin is not needed.

UsePAM yes is needed.

A restart of sshd is only needed if UsePAM was changed from no to yes.

Disabling my own ~/.ssh/config was needed very much!

I had Control* statements in my ~/.ssh/config which re-used the ssh channel and thus I would not discover the change.

Thanks to Samed Beyribey and quanta, whose help gave me the idea to run ssh -vv which gives very different output when you have Control* statements.


I have read that the values are reloaded when logging in; it works when I do su - user but it does not work through ssh user@localhost.

The reason is: by default, SSH opening a non-login shell, so limits is not being applied.

To make it uses a login shell, edit your sshd_config file and uncomment/change #UseLogin no to UseLogin yes:

gentoo ~ # grep UseLogin /etc/ssh/sshd_config 
#UseLogin no
gentoo ~ # sed -i.bak 's/#UseLogin no/UseLogin yes/' /etc/ssh/sshd_config 
gentoo ~ # grep UseLogin /etc/ssh/sshd_config 
UseLogin yes

Reload the sshd and try again.

Source: http://znx.no/2011/01/ssh-and-limits/

Related

What's the point of using runit in combination with monit?
How to create a Linux user without a password but being able to set it?
Dealing with SMTP invalid command attack
no default value for required attribute
How do you measure the memory footprint of a set of forked processes?
virtual disk image - file or partition
How to set only specific nginx server block into maintenance mode programmatically
How can I move s3 objects >5gb from one bucket to another?
Checking yum connectivity from a script?
How do I lock down nginx on debian wheezy (running systemd)?
How to avoid specifying full path in sudoers file?
Serial Over Lan doesn't redirect OS terminal