Open vegaelle opened 4 years ago
I faced the same issue. After a bit of debugging and digging into the source code, I found that in the handle_ssh_auth()
function, the call to ssh_handle_key_exchange()
further calls ssh_handle_packets_termination()
to handle packets, which is blocking and uses an infinite timeout by default. And if the authentication is interrupted midway before the polling starts, the subprocess blocks infinitely, causing a memory (and process number) leak.
So the solution is to set a valid timeout for the allocated session. In the main()
function, below session = ssh_new ();
, add:
long timeout = 5; // set default timeout to 5s
ssh_options_set(session, SSH_OPTIONS_TIMEOUT, (void *)(&timeout));
And that should fix this issue (at least it works for me).
Hi. Would it be possible to integrate this patch? The project doesn’t seem active anymore. @jorgeverastegui is your fork intented to be a take-over?
added.
Hi. I’ve been using ssh-honeypot for a few weeks now, and i noticed that the server has a very concerning ram usage. This server is a firewall, and only uses iptables (kernel-space) and ssh-honeypot. Here’s my monitoring graph for the last 7 days:
The drops in memory consumption are when i restart the ssh-honeypot service (using openrc). Right now, there’s 425 honeypot processes running.
Why is ssh-honeypot behaving like this, and what can be done to prevent crashing my server every 2 days if i don’t stop manually the service?