專案中的一台阿里雲,最近一段時間出現ssh的時候,連線非常慢,大概輸入密碼後要10-20秒左右才能連上,以下記錄調查過程及解決辦法
通過網上的一些查詢,發現大都是因為設定dns,hosts或者通過關閉usedns=no gssapiauthentication no的方式來解決,但我的問題和這些不同,首先我是通過ip連線的,不存在dns網域名稱解析的問題,並且sshd_config檔案中的這些設定項也都是no,因此自己通過調查,發現是以下原因引起的:
1.通過[-v]引數,檢視ssh連線的具體過程
demacbook-pro:~ yyq$ ssh -v [email protected] -p xxopenssh_6.9p1, libressl 2.1.8
debug1: reading configuration data /etc/ssh/ssh_config
debug1: connecting to x.x.x.x [x.x.x.x] port xx.
debug1: connection established.
debug1: identity file /users/yyq/.ssh/id_rsa type 1
debug1: key_load_public: no such file or directory
debug1: identity file /users/yyq/.ssh/id_rsa-cert type -1
debug1: identity file /users/yyq/.ssh/id_dsa type 2
debug1: key_load_public: no such file or directory
debug1: identity file /users/yyq/.ssh/id_dsa-cert type -1
debug1: key_load_public: no such file or directory
debug1: identity file /users/yyq/.ssh/id_ecdsa type -1
debug1: key_load_public: no such file or directory
debug1: identity file /users/yyq/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: no such file or directory
debug1: identity file /users/yyq/.ssh/id_ed25519 type -1
debug1: key_load_public: no such file or directory
debug1: identity file /users/yyq/.ssh/id_ed25519-cert type -1
debug1: enabling compatibility mode for protocol 2.0
debug1: local version string ssh-2.0-openssh_6.9
debug1: remote protocol version 2.0, remote software version openssh_7.2p2 ubuntu-4ubuntu2.1
debug1: match: openssh_7.2p2 ubuntu-4ubuntu2.1 pat openssh* compat 0x04000000
debug1: authenticating to x.x.x.x:xx as 'root'
debug1: ssh2_msg_kexinit sent
debug1: ssh2_msg_kexinit received
debug1: kex: server->client [email protected] none
debug1: kex: client->server [email protected] none
debug1: expecting ssh2_msg_kex_ecdh_reply
debug1: server host key: ecdsa-sha2-nistp256 sha256:hictrrpas7yv495ddlnqhsfcnkxvacpx9fwunnvenzu
debug1: host '[x.x.x.x]:xx' is known and matches the ecdsa host key.
debug1: found key in /users/yyq/.ssh/known_hosts:38
debug1: ssh2_msg_newkeys sent
debug1: expecting ssh2_msg_newkeys
debug1: ssh2_msg_newkeys received
debug1: ssh2_msg_service_request sent
debug1: ssh2_msg_service_accept received
debug1: authentications that can continue: publickey,password
debug1: next authentication method: publickey
debug1: offering rsa public key: /users/yyq/.ssh/id_rsa
debug1: authentications that can continue: publickey,password
debug1: offering dsa public key: /users/yyq/.ssh/id_dsa
debug1: authentications that can continue: publickey,password
debug1: trying private key: /users/yyq/.ssh/id_ecdsa
debug1: trying private key: /users/yyq/.ssh/id_ed25519
debug1: next authentication method: password
[email protected]'s password:
首先觀察在要求輸入密碼前有沒有出現耗時的操作?
我的問題並沒有,因此,繼續輸出密碼:
[email protected]'s password:debug1: authentication succeeded (password).
authenticated to x.x.x.x ([x.x.x.x]:xx).
debug1: channel 0: new [client-session]
debug1: requesting [email protected]
debug1: entering interactive session.
輸入密碼後,發現停在這裡了,大概10-20秒後,就可以連線上;
通過日誌可以發現,密碼的驗證沒有損耗時間,已經正確驗證通過authentication succeeded (password)
哪麼到底是什麼原因導致的速度這麼慢?
2.開啟伺服器的系統日誌,檢視
tail -f /var/log/auth.logsshd[12642]: pam_systemd(sshd:session): failed to create session: connection timed out
dbus[617]: [system] failed to activate service 'org.freedesktop.login1': timed out
sshd[12642]: received disconnect from x.x.x.x port 52856:11: disconnected by user
sshd[12642]: disconnected from x.x.x.x port 52856
sshd[12642]: pam_unix(sshd:session): session closed for user root
sshd[12689]: userauth_pubkey: key type ssh-dss not in pubkeyacceptedkeytypes [preauth]
sshd[12689]: accepted password for root from x.x.x.x port 52866 ssh2
sshd[12689]: pam_unix(sshd:session): session opened for user root by (uid=0)
sshd[12689]: pam_systemd(sshd:session): failed to create session: connection timed out
dbus[617]: [system] failed to activate service 'org.freedesktop.login1': timed out
從日誌中可以看到[system] failed to activate service 'org.freedesktop.login1': timed out
的錯誤,查了下資料,大致意思如下:
dbus的服務重啟後,systemd-logind服務沒有重啟導致,可以檢視systemctl status systemd-logind的狀態,解決方法就是重啟該服務 systemctl restart systemd-logind
重啟systemd-logind服務後,發現ssh可以秒連線了
ssh連線超級慢
修改配置檔案 vim etc ssh sshd config usedns no gssapiauthentication no 1 適用命令及方案如下 遠端連線及執行命令 ssh p22 root 10.0.0.19 ssh p22 root 10.0.0.19 sbin ifconfig 遠端拷...
SSH連線慢優化
測試環境有些機器ssh登入特別慢,每次需要等待好幾秒鐘的時間。由於近期經常使用這幾台機器,對於這種登入慢的問題實在無法再忍受,因此決定還是優化一下。優化方法 修改vim etc ssh sshd config 檔案,主要修改如下兩個引數 gssapiauthentication no usedns ...
linux下各種連線慢的問題
如果ping不慢,但是使用ssh,ftp,mysql連線的時候慢,大部分原因是因為伺服器在嘗試解析你的ip,這在很多時候是沒有必要的。可以禁用這些解析 vsftpd連線慢的問題 修改vsftpd.conf,新增下面一句 reverse lookup enable no ssh連線慢 vi etc s...