dave mallery wrote: > the problem with wtmp is that it shows (without a decoder ring) that > there are thousands of logins per day on tty1 thru 6. that's odd on a > cluster node on a private network behind a server behind a firewall. > also no node has a keyboard! i can eliminate the file, but what is > causing these login records??? this is happening on most of my 16 > nodes. i figure there is a lot of wasted activity. at most, i may log > in every few days via ssh. > > so is there a decoder program that can dump the contents of wtmp, or do > i have to write one?? (muttered dave) i think some effort on the cause > here will be worth it. You can do something like last -f /var/log/wtmp.1 > the cluster nodes are diskless/swapless .5Gb twin pII 333s using > etherboot, dhcp, tftp and kernel nfs. it was once called an > "altacluster" and it was brand new in 1998! it had 64 nodes and worked > at los alamos. i got part of it at an auction. now it thinks about > little green men. Maybe the nodes are sshing into the server for some reason? Although only interactive ssh's should show in the wtmp file, I'd imagine it'll be something like that. Maybe rshing in or something. -- see shy jo
Attachment:
pgpkbOWIZVUKi.pgp
Description: PGP signature