UPDATE (7th Dec 2010) & WARNING: I copied the files discussed below (from the /var/tmp/vi.recover directory) to my Windows PC and sacnned with ESET NOD 32. It identifed two of the file (sshd: and juno) as the Linux/RST.B virus. Not sure if it is accurate in saying that but since the machine is a development server I'm going to re-build to be safe.
Hello,
I am using a Red Hat server and am getting the following errors every minute in the messages file:
Dec 1 16:50:01 ocalhost kernel: sshd:[4981]: segfault at 0000000000000079 rip 000000000807100f rsp 00000000ffb901ec error 6
Dec 1 16:51:01 ocalhost kernel: sshd:[4990]: segfault at 0000000000000079 rip 000000000807100f rsp 00000000ffce4b3c error 6
Dec 1 16:52:01 ocalhost kernel: sshd:[5000]: segfault at 0000000000000079 rip 000000000807100f rsp 00000000ffb7f9dc error 6
Dec 1 16:53:01 ocalhost kernel: sshd:[5010]: segfault at 0000000000000079 rip 000000000807100f rsp 00000000fff08d5c error 6
Dec 1 16:54:01 ocalhost kernel: sshd:[5022]: segfault at 0000000000000079 rip 000000000807100f rsp 00000000ffaf194c error 6
I've had a look in the SSH log file and it doesn't show any errors (not even those above).
Can anyone tell me what an 'error 6' is or shed any light on why this may be happening.
If anyone can suggest anywhere else I can look for more clues that would be great, I seem to have reached a dead end on this one.
Further to the comments below, here is the start function from the /etc/init.d/sshd file:
start()
{
# Create keys if necessary
if [ "x${AUTOCREATE_SERVER_KEYS}" != xNO ]; then
do_rsa1_keygen
do_rsa_keygen
do_dsa_keygen
fi
cp -af /etc/localtime /var/empty/sshd/etc
echo -n $"Starting $prog: "
$SSHD $OPTIONS && success || failure
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd
echo
}
Thanks
C
Best Answer
Can you tell me if hpsmh is installed and running?
Also, if hpsmh is installed, what are the permissions on its install root?