Guaranteeing SSH access on a stressed server

ssh linux process-priority

I had an issue some time ago with a server in which Apache and Snort was occupying 100% of the processor, making the sshd unresponsive through remote access. I had to go physically to the server to log on a local TTY and then stop apache/snort.

I'm wondering if there's a way of guaranteeing ssh connectivity on a situation of 100% loaded CPU/memory. Setting a "nice" priority would be enough?

Thank you!


Other than using an out-of-band method, there's no way to guarantee that SSH will be available on a fully loaded server. If your service is so loaded that it can't even serve a basic SSH terminal to you, then you have other problems.

Yes, renice and giving it a lower nice value will improve the performance in heavy loads, but instead using something like pam_security (example shown here) will prevent Apache/whatever from becoming unmanageable to begin with.


Your general-purpose solution for this is an out-of-band management tool, like Dell iDRAC, IBM Remote Supervisor, or HP iLO. It can always present a console (whether or not the OS can respond to it depends on your specific situation), and apply desired power states as needed.

Related

logstash (or graylog?) vs nxLog to collect event logs and csv logs [closed]
How to remove ourselves from nudity blacklists? [duplicate]
Why can't user login on Postgres
How to add language support on CentOS 7 (on Docker)?
Swap being used when RAM is almost half free
Why do EC2 T2 instances sometimes start with zero CPU Credits
How to list all containers in Kubernetes?
Why is there both character device and block device for nvme?
SELinux reset root password
How do I generate and set the locale using ansible?
How do you set bzip2 block size when using tar?
Where to go to see if my IP is blacklisted as a SPAM