On Feb 28, 2016, at 3:19 PM, William Warren <hescominsoon at gmail.com>
wrote:>
> I have a new centos 6 install.
?on what? A 64 MiB bargain basement VPS, an enterprise grade 32 GiB server, a
reflashed network switch??
> I have disabled motd in ssh
Why is that relevant? That message likely contains less than 1 kiB of ASCII
text, and isn?t held in RAM continuously anyway.
That feature is so unimportant with respect to memory usage that it was added to
Unix back in the days when 1 kiB of RAM cost real money.
> i also had entropy problems
Specifically what problems? How did you diagnose it, and why do you believe
your solution is useful?
> so i enacted rngd -r /dev/urandom -o /dev/random
That?s essentially bogus. If /dev/random is blocking due to insufficient
entropy, feeding false entropy in from urandom buys you nothing, other than to
fool /dev/random into thinking it has more entropy than it actually does.
On a typical Linux system, /dev/random and /dev/urandom get their entropy from
the same source, so feeding pseudorandom numbers from one to the other is
essentially lying to the kernel; it will get its revenge on you for that lie,
eventually.
rngd is only useful when reading from a [P]RNG that the kernel isn?t already
using for entropy, such as a hardware RNG.
> but did not stop the out of memory errors.
Why would it? The kernel PRNG?s entropy pool has nothing to do with free RAM.
> I am seeing the below in the logs. It only occurs during
> ssh file transfers.
>
> Feb 28 17:18:19 web1 t of memory [13604]
Why is the message truncated? That sounds like memory *corruption* to me,
rather than memory exhaustion.
Are you seeing activity by the OOM killer?
http://www.linuxdevcenter.com/pub/a/linux/2006/11/30/linux-out-of-memory.html
Are you dealing with software you wrote yourself, or only software that came
with CentOS? If the former, have you run it under valgrind?