Is it possible that you bought the servers at the same time from the
same manufacturer? It looks like you have a corrupt disk and if all
those hard drives came out of the same batch, it is very possible to
have "the same problem" on the different servers. When you say "can't
do ssh on it" at what point in the ssh process does it fail? Do you get
prompted to put in the user name and password and then it hangs? This
could be due to the user home disk being corrupted and the login scripts
are not being able to run. It may have nothing to do with ssh or the
system being compromised. It really looks like you bought a bunch of
disks at the same time and they are lemons or really, really old, got
too hot, etc. I've had disk problems spread throughout a building and
the cause turned out to be low city electrical power being delivered to
the building.
---K
andrew2@one.net wrote:
Are you up to date on the RedHat Kernel? I seem to recall there being a
kernel bug in RedHat 7.3 for ext3 filesystems that was resolved with an
updated kernel ~2 years ago.
Andrew
Cristian Stanca wrote:
Hello,
We've got a hard disk failure (bad blocks - reported the
array controller
bios) on a scsi hard-disk on an INTEL platform (running
Fedora Core 2 Linux operating system). What is interesting is
that this hard-disk failure occurred after a "I don't know
what it is... let's reboot it and see after that" situation.
Situation describe by many "segmentation fault" when using
typical application like vi or service or even grub-install.
Grub did not start again after that (we tried to reinstall it
with an Install CD 1 from Fedora and grub-install did said
"segmentation fault" again)
We did recover the data on that scsi hard-drive by mounting
it on another machine.
So far so good (sort of)
After a week or so, another Linux server, began to show the
same errors while giving shell commands and also sshd
listened on port 22 we cannot do a ssh on it. We did not make
the connection to the previous case (as we thought was a
possible hardware failure), reboot it and grub did not start.
We boot again with an install CD from redhat 7.3 (as we had
redhat 7.3 installed on that hard-disk, and thought if any
files are missing...), the hard-disk was recognized by
controller (again scsi hard-disk), fdisk view the partitions,
and cannot this time mount them. (As I write this the "much
more important data that hardware" hard-disk is at a computer
service, for data recovery.
Again, on a third Linux server (redhat 7.3) we got some
messages at the primary console (kernel BUG commit.c #some
number, lots of stack text and hexa symbols...) and again
can't do ssh on it (it responds to ping and traceroute,
telnet ip_address port 22 works...). We are kind of worried
regarding the reboot of this machine...
Could that be a worm, exploit or something, or looks like a
human intervention situation?!
In the mean time, we are working at a firewall and password policies.
