≡ Menu

Monit: Monitor SSHD Server and Auto Restart SSH If It Does Not Respond

Q. How do I monitor my ssh server with monit? How do I restart ssh server if it does not respond or dead due to any issues under Linux?

A. You can easily monitor Linux server or service such as OpenSSH (SSHD daemon) using monit utility.

Monitor SSH and Auto Restart If Died

Open your /etc/monitrc or /etc/monit/monitrc file:
# vi /etc/monit/monitrc
Append following code:
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout

Save and close the file. Make sure you set /var/run/sshd.pid and /etc/init.d/ssh as per your Linux distribution. These values are valid for Debian / Ubuntu Linux. Restart monit to pickup the changes:
# /etc/init.d/monit restart

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 5 comments… add one }

  • The Doctor May 31, 2009, 7:31 am

    Great little tut.

    I have some trouble adapting monit to ClamAV 0.94.2 under Ubuntu Server 8.04LTS. I have my monit.conf as follows:


    check process clamd with pidfile /var/run/clamav/clamd.pid
    group virus
    start program = "/etc/init.d/clamav-daemon start"
    stop program = "/etc/init.d/clamav-daemon stop"
    if 5 restarts within 5 cycles then timeout
    depends on clamavd_bin
    depends on clamavd_rc

    check file clamavd_bin with path /usr/sbin/clamd
    group virus
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor

    check file clamavd_rc with path /etc/init.d/clamav-daemon
    group virus
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor


    I’ve verified the .pid & monit status reports clamavd_bin & clamavd_rc as monitored, but process clamd isn’t.

    Perhaps ClamAV for the next of this series?

  • The Doctor May 31, 2009, 7:33 am

    Weird. <code> stopped after the first block, but I specifically ended the tag @ if failed gid root then unmonitor

  • The Doctor May 31, 2009, 7:39 am

    Great tut.

    I’m having a little trouble adapting a monit.conf on Ubuntu Server 8.04LTS w/ ClamAV 0.94.2.


    check process clamd with pidfile /var/run/clamav/clamd.pid
    group virus
    start program = "/etc/init.d/clamav-daemon start"
    stop program = "/etc/init.d/clamav-daemon stop"
    if 5 restarts within 5 cycles then timeout
    depends on clamavd_bin
    depends on clamavd_rc

    check file clamavd_bin with path /usr/sbin/clamd
    group virus
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor

    check file clamavd_rc with path /etc/init.d/clamav-daemon
    group virus
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor


    clamavd_bin & clamavd_rc both show as being monitored, but clamd doesn’t. I’ve verified the .pid exists. Perhaps this could be the next in the series?

  • The Doctor May 31, 2009, 10:39 am

    Hello —

    Please disregard my previous question. It’s working as:


    check process clamd with pidfile /var/run/clamav/clamd.pid
    group virus
    start program = "/etc/init.d/clamav-daemon start"
    stop program = "/etc/init.d/clamav-daemon stop"
    if 5 restarts within 5 cycles then timeout
    depends on clamavd_bin
    depends on clamavd_rc

    check process freshclam with pidfile /var/run/clamav/freshclam.pid
    group virus
    start program = "/etc/init.d/clamav-freshclam start"
    stop program = "/etc/init.d/clamav-freshclam stop"
    if 5 restarts within 5 cycles then timeout
    depends on clamd
    depends on clamavd_bin
    depends on clamavd_rc

    check file clamavd_bin with path /usr/sbin/clamd
    group virus
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor

    check file clamavd_rc with path /etc/init.d/clamav-daemon
    group virus
    if failed checksum then unmonitor
    if failed permission 755 then unmonitor
    if failed uid root then unmonitor
    if failed gid root then unmonitor


    Ubuntu Server 8.04LTS, ClamAV 0.94.2

  • Aji Prabowo March 31, 2011, 5:30 am

    Great info. Please keep sharing.

    thanks,

Leave a Comment