Monit: Monitor SSHD Server and Auto Restart SSH If It Does Not Respond

by on March 13, 2008 · 5 comments· LAST UPDATED October 7, 2008

in , ,

Q. How do I monitor my ssh server with monit? How do I restart ssh server if it does not respond or dead due to any issues under Linux?

A. You can easily monitor Linux server or service such as OpenSSH (SSHD daemon) using monit utility.

Monitor SSH and Auto Restart If Died

Open your /etc/monitrc or /etc/monit/monitrc file:
# vi /etc/monit/monitrc
Append following code:
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout

Save and close the file. Make sure you set /var/run/sshd.pid and /etc/init.d/ssh as per your Linux distribution. These values are valid for Debian / Ubuntu Linux. Restart monit to pickup the changes:
# /etc/init.d/monit restart

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 5 comments… read them below or add one }

1 The Doctor May 31, 2009 at 7:31 am

Great little tut.

I have some trouble adapting monit to ClamAV 0.94.2 under Ubuntu Server 8.04LTS. I have my monit.conf as follows:


check process clamd with pidfile /var/run/clamav/clamd.pid
group virus
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if 5 restarts within 5 cycles then timeout
depends on clamavd_bin
depends on clamavd_rc

check file clamavd_bin with path /usr/sbin/clamd
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor

check file clamavd_rc with path /etc/init.d/clamav-daemon
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor


I’ve verified the .pid & monit status reports clamavd_bin & clamavd_rc as monitored, but process clamd isn’t.

Perhaps ClamAV for the next of this series?

Reply

2 The Doctor May 31, 2009 at 7:33 am

Weird. <code> stopped after the first block, but I specifically ended the tag @ if failed gid root then unmonitor

Reply

3 The Doctor May 31, 2009 at 7:39 am

Great tut.

I’m having a little trouble adapting a monit.conf on Ubuntu Server 8.04LTS w/ ClamAV 0.94.2.


check process clamd with pidfile /var/run/clamav/clamd.pid
group virus
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if 5 restarts within 5 cycles then timeout
depends on clamavd_bin
depends on clamavd_rc

check file clamavd_bin with path /usr/sbin/clamd
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor

check file clamavd_rc with path /etc/init.d/clamav-daemon
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor


clamavd_bin & clamavd_rc both show as being monitored, but clamd doesn’t. I’ve verified the .pid exists. Perhaps this could be the next in the series?

Reply

4 The Doctor May 31, 2009 at 10:39 am

Hello —

Please disregard my previous question. It’s working as:


check process clamd with pidfile /var/run/clamav/clamd.pid
group virus
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if 5 restarts within 5 cycles then timeout
depends on clamavd_bin
depends on clamavd_rc

check process freshclam with pidfile /var/run/clamav/freshclam.pid
group virus
start program = "/etc/init.d/clamav-freshclam start"
stop program = "/etc/init.d/clamav-freshclam stop"
if 5 restarts within 5 cycles then timeout
depends on clamd
depends on clamavd_bin
depends on clamavd_rc

check file clamavd_bin with path /usr/sbin/clamd
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor

check file clamavd_rc with path /etc/init.d/clamav-daemon
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor


Ubuntu Server 8.04LTS, ClamAV 0.94.2

Reply

5 Aji Prabowo March 31, 2011 at 5:30 am

Great info. Please keep sharing.

thanks,

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , ,

Previous Faq:

Next Faq: