[PVE-User] Problem with ssh sessions

Fabian Abplanalp fabian at bug.ch
Tue Jul 25 10:12:21 CEST 2023 

Hi there

The sessions are opened by a Nagios server for various tests, which 
means there is always a clean exit status, otherwise the tests would not 
work.
However, the same happens with sessions opened manually.

The sessions run over a ProxyCommand/JumpHost with Proxmox 8.0.3/Debian 
12.1 to the VMs (All Debian 11) over the internal bridge.

Nagios -> Proxmox -> VM hosts

Since the sshd remain on the Proxmox and the VM hosts, they also eat up 
all the memory over time.


On the VM host:
user at vm:~$ ps -ALf | grep nagios
[...]
root 196819 732 196819 0 1 09:17 ? 00:00:00 sshd: nagios [priv]
nagios 196825 196819 196825 0 1 09:17 ? 00:00:00 sshd: nagios at notty
[...]


user at proxmox:~# ps -ALf | grep nagios
[...]
nagios 617299 1 617299 0 1 09:17 ? 00:00:00 nc 10.0.0.80 22
nagios 617300 1 617300 0 1 09:17 ? 00:00:00 nc 10.0.0.25 22
[...]


With loginctl the sessions are still listed:
root at vm:~# loginctl
[...]
   18112 6000 nagios
   18113 6000 nagios
[...]

root at proxmox:~# loginctl
[...]
  129729 6000 nagios
  129730 6000 nagios
[...]


It even records on the proxmox that the session has been closed:

root at proxmox:~# loginctl session-status 129538
129538 - nagios (6000)
            Since: Tue 2023-07-25 09:17:03 CEST; 24min ago
           Leader: 617115
           Remote: 84.xx.xx.xx
          Service: sshd; type tty; class user
            State: closing
             Unit: session-129538.scope
                   └─617299 nc 10.0.0.80 22

Jul 25 09:17:03 proxmox systemd[1]: Started session-129538.scope - 
Session 129538 of User nagios.
Jul 25 09:17:04 proxmox sshd[617273]: Received disconnect from 
84.xx.xx.xx port 8152:11: disconnected by user
Jul 25 09:17:04 proxmox sshd[617273]: Disconnected from user nagios 
84.xx.xx.xx port 8152
Jul 25 09:17:04 proxmox sshd[617115]: pam_unix(sshd:session): session 
closed for user nagios


...in contrast on the VMs:

root at vm:~# loginctl session-status 18084
18084 - nagios (6000)
            Since: Tue 2023-07-25 09:17:04 CEST; 25min ago
           Leader: 196819 (sshd)
           Remote: 10.0.0.11
          Service: sshd; type tty; class user
            State: active
             Unit: session-18084.scope
                   ├─196819 sshd: nagios [priv].
                   └─196825 sshd: nagios at notty

Jul 25 09:17:04 webserver systemd[1]: Started session 18084 of user nagios.


If I kill the sessions on the Proxmox/Jumphost, they also disappear on 
the VMs.
The irritating thing is that this problem did not exist before with 
Debian 11.7 and KVM/qemu, the VMs did not change.

Any Ideas?

BR,
Fabian

More information about the pve-user mailing list