$con = ssh2_connect($host, 22);
ssh2_auth_password($con, $rem_acc, $pass);
ssh2_scp_send($con,$rand.".gz","./".$rand.".gz");
$stream = ssh2_exec($con, "./exeonserv.sh ".$rand);
As long as I keep the load to below 2 requests per second to the PHP script (there are 2 SSH connections in the script, so 4 connections per second), this works fine
But the moment it exceeds 2 requests per second, the connection starts failing, with this error in the log:
[Sat Apr 21 11:51:40 2012] [error] [client 172.16.57.97] PHP Warning: ssh2_connect(): Error starting up SSH connection(-1): Failed getting banner in /var/www/fsproj/result.php on line 105
[Sat Apr 21 11:51:40 2012] [error] [client 172.16.57.97] PHP Warning: ssh2_connect(): Unable to connect to localhost in /var/www/fsproj/result.php on line 105
I used the following code to try and solve the issue, but if the sustained load is greater than 2req/sec. it just ends up increasing the response time
$con=false;
while(!$con)
{
$con = ssh2_connect($host, 22);
}
Is there a cap on the maximum rate at which SSH connections can be opened? If so where can I change that value? (or any other solutions?)
I'm using Apache on Ubuntu
Taking a look at man sshd_config, the following sections seems to control the maximum number of SSH connections that can be opened at once and also the maximum number of concurrent connection attempts. You'll need to modify /etc/ssh/sshd_config with your desired settings.
MaxSessions
Specifies the maximum number of open sessions permitted per net-
work connection. The default is 10.
MaxStartups
Specifies the maximum number of concurrent unauthenticated con-
nections to the SSH daemon. Additional connections will be
dropped until authentication succeeds or the LoginGraceTime
expires for a connection. The default is 10.
Alternatively, random early drop can be enabled by specifying the
three colon separated values ``start:rate:full'' (e.g.
"10:30:60"). sshd(8) will refuse connection attempts with a
probability of ``rate/100'' (30%) if there are currently
``start'' (10) unauthenticated connections. The probability
increases linearly and all connection attempts are refused if the
number of unauthenticated connections reaches ``full'' (60).
Additionally, for your example where you are attempting to connect to the server, you may want to add a sleep after failed connection attempts. Without this backoff and the server is flooded, your script may make things worse by attempting to flood the server more with connection attempts.
Honestly, I'd use phpseclib, a pure PHP SSH implementation:
<?php
include('Net/SSH2.php');
$ssh = new Net_SSH2('www.domain.tld');
if (!$ssh->login('username', 'password')) {
exit('Login Failed');
}
echo $ssh->exec('pwd');
echo $ssh->exec('ls -la');
?>
phpseclib is more portable than libssh2 and you can get logs with phpseclib which might assist in diagnosing your problem.