[Mike Gabriel] > Today I saw killer kill sshd user processes (i.e., active SSH > sessions). killer depend on updated utmp/wtmp information (check last/w/who). If the active SSH sessions did not register their login with utmp, killer can not know their processes belong to active login sessions. -- Happy hacking Petter Reinholdtsen