|
ssh远程连接有几台机器一直很慢,今晚特么的实在忍受不了,决定看一下。
要知道为什么连接很慢,有个-v参数可以打出debug信息(该参数也可以是-vvv,会更详细一点,貌似其它有些应用也会用-v参数作为debug参数),对帮助问题很有用。
大概类似这样的代码:
01 |
Are you sure you want to continue connecting (yes)? yes |
02 |
Warning: Permanently added '192.168.16.34' (RSA) to the list of known hosts. |
03 |
debug1: ssh_rsa_verify: signature correct |
04 |
debug1: SSH2_MSG_NEWKEYS sent |
05 |
debug1: expecting SSH2_MSG_NEWKEYS |
06 |
debug1: SSH2_MSG_NEWKEYS received |
07 |
debug1: SSH2_MSG_SERVICE_REQUEST sent |
08 |
debug1: SSH2_MSG_SERVICE_ACCEPT received |
09 |
debug1: Authentications that can continue: publickey,gssapi-with-mic,password |
10 |
debug1: Next authentication method: gssapi-with-mic |
11 |
debug1: Unspecified GSS failure. Minor code may provide moreinformation |
12 |
Cannot determine realm for numeric host address |
14 |
debug1: Unspecified GSS failure. Minor code may provide moreinformation |
15 |
Cannot determine realm for numeric host address |
17 |
debug1: Unspecified GSS failure. Minor code may provide moreinformation |
20 |
debug1: Unspecified GSS failure. Minor code may provide moreinformation |
21 |
Cannot determine realm for numeric host address |
23 |
debug1: Next authentication method: publickey |
24 |
debug1: Trying private key: /home/admin/.ssh/identity |
25 |
debug1: Trying private key: /home/admin/.ssh/id_rsa |
26 |
debug1: Offering public key: /home/admin/.ssh/id_dsa |
27 |
debug1: Authentications that can continue: publickey,gssapi-with-mic,password |
28 |
debug1: Next authentication method: password |
其中在debug1: Offering public key: /home/admin/.ssh/id_dsa这一段后卡了好一会,网上搜索一下,大概是DNS解析耗时,查看配置文件/etc/ssh/sshd_config,将UseDNS设置为no即可。
网上也有说是GSSAPIAuthentication造成的。
GSSAPIAuthentication表明是否启用基于GSSAPI的认证方式,你可以设置no关闭。GSSAPI是通用安全服务应用程序接口,相当于是一种安全事务规范。
我做的比较狠,直接全部:
UseDNS no
GSSAPIAuthentication no
如果没有就自己加上,有就修改下,
搞完之后 /etc/init.d/sshd restart 重启一下
(责任编辑:IT) |
