linux下SSH遠端連線服務慢解決方案

來源:互聯網
上載者:User

1、適用命令及方案如下:

【遠端連線及執行命令】

ssh -p22 root@10.0.0.19

ssh -p22 root@10.0.0.19 /sbin/ifconfig

【遠程拷貝:推送及拉取】

scp -P22 -r -p /etc root@10.0.0.19:/tmp/

scp -P22 -r -p root@10.0.0.19:/tmp/ /etc

【安全的FTP功能】

sftp -oPort=22 root@10.0.0.19

【無密碼驗證方案】

例如利用sshkey批量分發檔案,執行部署操作。

2、串連慢的主要原因是DNS解析導致

解決方案:

1、在ssh服務端上更改/etc/ssh/sshd_config檔案中的配置為如下內容:

UseDNS no

# GSSAPI options

GSSAPIAuthentication no

然後,執行/etc/init.d/sshd restart重啟sshd進程使上述配置生效,在串連一般就不慢了。

 

2、如果還慢的話,檢查ssh服務端上/etc/hosts檔案中,127.0.0.1對應的主機名稱是否和

uname -n的結果一樣,或者把本機ip和hostname(uname -n結果)加入到/etc/hosts裡。

[root@C64 ~]# uname -nC64[root@C64 ~]# cat /etc/hosts#modi by oldboy 11:12 2013/9/24127.0.0.1   C64 localhost localhost.localdomain localhost4 localhost4.localdomain4::1         localhost localhost.localdomain localhost6 localhost6.localdomain610.0.0.18   C64################

3、利用ssh-v的調試功能尋找慢的原因

其實可以用下面的命令調試為什麼慢的細節(學習這個思路很重要)。

[root@C64 ~]# ssh -v root@10.0.0.19OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010debug1: Reading configuration data /etc/ssh/ssh_configdebug1: Applying options for *debug1: Connecting to 10.0.0.19 [10.0.0.19] port 22.debug1: Connection established.debug1: permanently_set_uid: 0/0debug1: identity file /root/.ssh/identity type -1debug1: identity file /root/.ssh/id_rsa type -1debug1: identity file /root/.ssh/id_dsa type -1debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3debug1: match: OpenSSH_4.3 pat OpenSSH_4*debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_5.3debug1: SSH2_MSG_KEXINIT sentdebug1: SSH2_MSG_KEXINIT receiveddebug1: kex: server->client aes128-ctr hmac-md5 nonedebug1: kex: client->server aes128-ctr hmac-md5 nonedebug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_GROUPdebug1: SSH2_MSG_KEX_DH_GEX_INIT sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_REPLYThe authenticity of host '10.0.0.19 (10.0.0.19)' can't be established.RSA key fingerprint is ca:18:42:76:0e:5a:1c:7d:ef:fc:24:75:80:11:ad:f9.Are you sure you want to continue connecting (yes/no)? yes=======>老男孩老師評:這裡就是提示儲存密鑰的互動提示。Warning: Permanently added '10.0.0.19' (RSA) to the list of known hosts.debug1: ssh_rsa_verify: signature correctdebug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug1: SSH2_MSG_NEWKEYS receiveddebug1: SSH2_MSG_SERVICE_REQUEST sentdebug1: SSH2_MSG_SERVICE_ACCEPT receiveddebug1: Authentications that can continue: publickey,passworddebug1: Next authentication method: publickeydebug1: Trying private key: /root/.ssh/identitydebug1: Trying private key: /root/.ssh/id_rsadebug1: Trying private key: /root/.ssh/id_dsadebug1: Next authentication method: passwordroot@10.0.0.19's password:=======>老男孩老師評:這裡就是提示輸入密碼的互動提示。debug1: Authentication succeeded (password).debug1: channel 0: new [client-session]debug1: Entering interactive session.debug1: Sending environment.debug1: Sending env LANG = en_US.UTF-8Last login: Tue Sep 24 10:30:02 2013 from 10.0.0.18在遠端連線時如果慢就可以確定卡在哪了。[root@C64_A ~]# ssh -v oldboy@10.0.0.17OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010debug1: Reading configuration data /etc/ssh/ssh_configdebug1: Applying options for *debug1: Connecting to 10.0.0.17 [10.0.0.17] port 22.debug1: Connection established.debug1: permanently_set_uid: 0/0debug1: identity file /root/.ssh/identity type -1debug1: identity file /root/.ssh/id_rsa type -1debug1: identity file /root/.ssh/id_dsa type 2debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3debug1: match: OpenSSH_5.3 pat OpenSSH*debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_5.3debug1: SSH2_MSG_KEXINIT sentdebug1: SSH2_MSG_KEXINIT receiveddebug1: kex: server->client aes128-ctr hmac-md5 nonedebug1: kex: client->server aes128-ctr hmac-md5 nonedebug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_GROUPdebug1: SSH2_MSG_KEX_DH_GEX_INIT sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_REPLYdebug1: Host '10.0.0.17' is known and matches the RSA host key.debug1: Found key in /root/.ssh/known_hosts:2debug1: ssh_rsa_verify: signature correctdebug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug1: SSH2_MSG_NEWKEYS receiveddebug1: SSH2_MSG_SERVICE_REQUEST sentdebug1: SSH2_MSG_SERVICE_ACCEPT receiveddebug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug1: Next authentication method: gssapi-keyexdebug1: No valid Key exchange contextdebug1: Next authentication method: gssapi-with-mic

上述配置沒配就發現卡到gssapi這。就大概知道是gssapi的問題。

實際上在linux系統最佳化部分就應該最佳化SSH服務的此處。

本文出自 “老男孩linux營運” 部落格,請務必保留此出處http://oldboy.blog.51cto.com/2561410/1300964

查看本欄目更多精彩內容:http://www.bianceng.cnhttp://www.bianceng.cn/OS/Linux/

相關文章

聯繫我們

該頁面正文內容均來源於網絡整理,並不代表阿里雲官方的觀點,該頁面所提到的產品和服務也與阿里云無關,如果該頁面內容對您造成了困擾,歡迎寫郵件給我們,收到郵件我們將在5個工作日內處理。

如果您發現本社區中有涉嫌抄襲的內容,歡迎發送郵件至: info-contact@alibabacloud.com 進行舉報並提供相關證據,工作人員會在 5 個工作天內聯絡您,一經查實,本站將立刻刪除涉嫌侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.