I recently noticed, that there are around 60 sessions opened on all of my hosts. (loginctl list-sessions
)
Details showing up that these sessions are coming from Zabbix Monitoring which is periodically running some scripts to generate statistics.
I could destroy them with loginctl terminate-session
. After 24 hours, there are already some sessions again. I then started monitoring these sessions. See this graph:
Details of a session:
loginctl show-session c96339
Id=c96339
User=0
Name=root
Timestamp=Thu 2017-05-04 03:38:28 CEST
TimestampMonotonic=2551128480813
VTNr=0
Remote=no
RemoteUser=zabbix
Service=sudo
Scope=session-c96339.scope
Leader=14070
Audit=0
Type=unspecified
Class=background
Active=yes
State=closing
IdleHint=no
IdleSinceHint=0
IdleSinceHintMonotonic=0
Sometimes, the server is getting very slow and the load average is somewhat over 40. I have to restart the systemd-logind
service. After that, everything is ok again.
Does anyone have an idea why I have to restart that service regularly and why the sessions are not automatically destroyed?
System:
Fedora 24 (x86_64)
Kernel: 4.9.12-100.fc24.x86_64
Zabbix Agent: zabbix-agent-3.0.7-1.fc24.x86_64
Systemd: systemd-229-18.fc24.x86_64
Best Answer
You may want to have a look at
ClientAliveInterval
setting insshd_config
on the server side. With a value different from 0, this should close disconnected sessions after a given amount of time. (see alsoClientAliveCountMax
)man sshd_config
will give you more informations about these settings.