linux下ssh連線慢的原因調查及解決方案

2022-08-30 19:42:08 字數 4721 閱讀 5275

專案中的一台阿里雲,最近一段時間出現ssh的時候,連線非常慢,大概輸入密碼後要10-20秒左右才能連上,以下記錄調查過程及解決辦法

通過網上的一些查詢,發現大都是因為設定dns,hosts或者通過關閉usedns=no gssapiauthentication no的方式來解決,但我的問題和這些不同,首先我是通過ip連線的,不存在dns網域名稱解析的問題,並且sshd_config檔案中的這些設定項也都是no,因此自己通過調查,發現是以下原因引起的:

1.通過[-v]引數,檢視ssh連線的具體過程

demacbook-pro:~ yyq$ ssh -v [email protected] -p xx

openssh_6.9p1, libressl 2.1.8

debug1: reading configuration data /etc/ssh/ssh_config

debug1: connecting to x.x.x.x [x.x.x.x] port xx.

debug1: connection established.

debug1: identity file /users/yyq/.ssh/id_rsa type 1

debug1: key_load_public: no such file or directory

debug1: identity file /users/yyq/.ssh/id_rsa-cert type -1

debug1: identity file /users/yyq/.ssh/id_dsa type 2

debug1: key_load_public: no such file or directory

debug1: identity file /users/yyq/.ssh/id_dsa-cert type -1

debug1: key_load_public: no such file or directory

debug1: identity file /users/yyq/.ssh/id_ecdsa type -1

debug1: key_load_public: no such file or directory

debug1: identity file /users/yyq/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: no such file or directory

debug1: identity file /users/yyq/.ssh/id_ed25519 type -1

debug1: key_load_public: no such file or directory

debug1: identity file /users/yyq/.ssh/id_ed25519-cert type -1

debug1: enabling compatibility mode for protocol 2.0

debug1: local version string ssh-2.0-openssh_6.9

debug1: remote protocol version 2.0, remote software version openssh_7.2p2 ubuntu-4ubuntu2.1

debug1: match: openssh_7.2p2 ubuntu-4ubuntu2.1 pat openssh* compat 0x04000000

debug1: authenticating to x.x.x.x:xx as 'root'

debug1: ssh2_msg_kexinit sent

debug1: ssh2_msg_kexinit received

debug1: kex: server->client [email protected] none

debug1: kex: client->server [email protected] none

debug1: expecting ssh2_msg_kex_ecdh_reply

debug1: server host key: ecdsa-sha2-nistp256 sha256:hictrrpas7yv495ddlnqhsfcnkxvacpx9fwunnvenzu

debug1: host '[x.x.x.x]:xx' is known and matches the ecdsa host key.

debug1: found key in /users/yyq/.ssh/known_hosts:38

debug1: ssh2_msg_newkeys sent

debug1: expecting ssh2_msg_newkeys

debug1: ssh2_msg_newkeys received

debug1: ssh2_msg_service_request sent

debug1: ssh2_msg_service_accept received

debug1: authentications that can continue: publickey,password

debug1: next authentication method: publickey

debug1: offering rsa public key: /users/yyq/.ssh/id_rsa

debug1: authentications that can continue: publickey,password

debug1: offering dsa public key: /users/yyq/.ssh/id_dsa

debug1: authentications that can continue: publickey,password

debug1: trying private key: /users/yyq/.ssh/id_ecdsa

debug1: trying private key: /users/yyq/.ssh/id_ed25519

debug1: next authentication method: password

[email protected]'s password:

首先觀察在要求輸入密碼前有沒有出現耗時的操作?

我的問題並沒有,因此,繼續輸出密碼:

[email protected]'s password: 

debug1: authentication succeeded (password).

authenticated to x.x.x.x ([x.x.x.x]:xx).

debug1: channel 0: new [client-session]

debug1: requesting [email protected]

debug1: entering interactive session.

輸入密碼後,發現停在這裡了,大概10-20秒後,就可以連線上;

通過日誌可以發現,密碼的驗證沒有損耗時間,已經正確驗證通過authentication succeeded (password)

哪麼到底是什麼原因導致的速度這麼慢?

2.開啟伺服器的系統日誌,檢視

tail -f /var/log/auth.log

sshd[12642]: pam_systemd(sshd:session): failed to create session: connection timed out

dbus[617]: [system] failed to activate service 'org.freedesktop.login1': timed out

sshd[12642]: received disconnect from x.x.x.x port 52856:11: disconnected by user

sshd[12642]: disconnected from x.x.x.x port 52856

sshd[12642]: pam_unix(sshd:session): session closed for user root

sshd[12689]: userauth_pubkey: key type ssh-dss not in pubkeyacceptedkeytypes [preauth]

sshd[12689]: accepted password for root from x.x.x.x port 52866 ssh2

sshd[12689]: pam_unix(sshd:session): session opened for user root by (uid=0)

sshd[12689]: pam_systemd(sshd:session): failed to create session: connection timed out

dbus[617]: [system] failed to activate service 'org.freedesktop.login1': timed out

從日誌中可以看到[system] failed to activate service 'org.freedesktop.login1': timed out

的錯誤,查了下資料,大致意思如下:

dbus的服務重啟後,systemd-logind服務沒有重啟導致,可以檢視systemctl status systemd-logind的狀態,解決方法就是重啟該服務 systemctl restart systemd-logind

重啟systemd-logind服務後,發現ssh可以秒連線了

ssh連線超級慢

修改配置檔案 vim etc ssh sshd config usedns no gssapiauthentication no 1 適用命令及方案如下 遠端連線及執行命令 ssh p22 root 10.0.0.19 ssh p22 root 10.0.0.19 sbin ifconfig 遠端拷...

SSH連線慢優化

測試環境有些機器ssh登入特別慢,每次需要等待好幾秒鐘的時間。由於近期經常使用這幾台機器,對於這種登入慢的問題實在無法再忍受,因此決定還是優化一下。優化方法 修改vim etc ssh sshd config 檔案,主要修改如下兩個引數 gssapiauthentication no usedns ...

linux下各種連線慢的問題

如果ping不慢,但是使用ssh,ftp,mysql連線的時候慢,大部分原因是因為伺服器在嘗試解析你的ip,這在很多時候是沒有必要的。可以禁用這些解析 vsftpd連線慢的問題 修改vsftpd.conf,新增下面一句 reverse lookup enable no ssh連線慢 vi etc s...