Q. How do I monitor my ssh server with monit? How do I restart ssh server if it does not respond or dead due to any issues under Linux?
A. You can easily monitor Linux server or service such as OpenSSH (SSHD daemon) using monit utility.
Monitor SSH and Auto Restart If Died
Open your /etc/monitrc or /etc/monit/monitrc file:
# vi /etc/monit/monitrc
Append following code:
check process sshd with pidfile /var/run/sshd.pid
start program "/etc/init.d/ssh start"
stop program "/etc/init.d/ssh stop"
if failed port 22 protocol ssh then restart
if 5 restarts within 5 cycles then timeout
Save and close the file. Make sure you set /var/run/sshd.pid and /etc/init.d/ssh as per your Linux distribution. These values are valid for Debian / Ubuntu Linux. Restart monit to pickup the changes:
# /etc/init.d/monit restart
You should follow me on twitter here or grab rss feed to keep track of new changes.
Featured Articles:
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop
{ 5 comments… read them below or add one }
Great little tut.
I have some trouble adapting monit to ClamAV 0.94.2 under Ubuntu Server 8.04LTS. I have my monit.conf as follows:
–
check process clamd with pidfile /var/run/clamav/clamd.pid
group virus
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if 5 restarts within 5 cycles then timeout
depends on clamavd_bin
depends on clamavd_rc
check file clamavd_bin with path /usr/sbin/clamd
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
check file clamavd_rc with path /etc/init.d/clamav-daemon
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
–
I’ve verified the .pid & monit status reports clamavd_bin & clamavd_rc as monitored, but process clamd isn’t.
Perhaps ClamAV for the next of this series?
Weird. <code> stopped after the first block, but I specifically ended the tag @ if failed gid root then unmonitor
Great tut.
I’m having a little trouble adapting a monit.conf on Ubuntu Server 8.04LTS w/ ClamAV 0.94.2.
–
check process clamd with pidfile /var/run/clamav/clamd.pid
group virus
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if 5 restarts within 5 cycles then timeout
depends on clamavd_bin
depends on clamavd_rc
check file clamavd_bin with path /usr/sbin/clamd
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
check file clamavd_rc with path /etc/init.d/clamav-daemon
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
–
clamavd_bin & clamavd_rc both show as being monitored, but clamd doesn’t. I’ve verified the .pid exists. Perhaps this could be the next in the series?
Hello –
Please disregard my previous question. It’s working as:
–
check process clamd with pidfile /var/run/clamav/clamd.pid
group virus
start program = "/etc/init.d/clamav-daemon start"
stop program = "/etc/init.d/clamav-daemon stop"
if 5 restarts within 5 cycles then timeout
depends on clamavd_bin
depends on clamavd_rc
check process freshclam with pidfile /var/run/clamav/freshclam.pid
group virus
start program = "/etc/init.d/clamav-freshclam start"
stop program = "/etc/init.d/clamav-freshclam stop"
if 5 restarts within 5 cycles then timeout
depends on clamd
depends on clamavd_bin
depends on clamavd_rc
check file clamavd_bin with path /usr/sbin/clamd
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
check file clamavd_rc with path /etc/init.d/clamav-daemon
group virus
if failed checksum then unmonitor
if failed permission 755 then unmonitor
if failed uid root then unmonitor
if failed gid root then unmonitor
–
Ubuntu Server 8.04LTS, ClamAV 0.94.2
Great info. Please keep sharing.
thanks,