After more digging today, I discovered an abandoned "bash" session still
running under the processes that was dated one week ago. I killed that
process and was able to log back in under pts/0. Who knows why it was hung
up, but all's well now.
_____
From: Rodrigo Ordonez Licona [mailto:rodrigo (at mark) xnet.com.mx]
Sent: Thursday, May 11, 2006 8:49 PM
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:05134] Re: sulog
HI Darrel
We use a nat router, to connect to our Bluequartz and for some reason after
being Idlle, for a few minutes the SSH connections just drops, (does not
happen on dial ups) in these cases SSH session show up as being logged we
noticed they are left for the rest of the day as logged in but not for a
week.
lastlog might give some clues, but we noticed a strange behavior(confusing)
on those logs
lastlog | grep pts
shows logs of people on the server that should not be allowed to log in to
SSH, I remember seeng something similar on the RAQ 550, so I wouldnt be
paranoid about it.
Try Solarspeed.net security package works like a charm and gives you ... at
least "some" peace of mind
Cheers
Rodrigo O
Xnet / Pwworks
_____
From: Darrell D. Mobley [mailto:dmobley (at mark) uhostme.net]
Sent: Jueves, 11 de Mayo de 2006 01:38 p.m.
To: coba-e (at mark) bluequartz.org
Subject: [coba-e:05132] sulog
Where is the sulog on a BQ machine? I haven't been able to log in under
pts/0 for a week. There are no more users logged into the machine but it
always shows me logged into pts/1 this past week. Support wasn't any help
either, suggesting perhaps a failed pts/0 log off leaving a lock file in
place. I am concerned about a hack.
5136_2.html (attatchment)