服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 特例ssh连接滞后
Intereting Posts
仅在Tomcat中logging警告和错误 如何制作使用TLS的自签名SSL证书? DNS子域名API? 如何强制ISP删除虚假的反向DNS? rpcbind使用nfs在Fedora 10系统上造成很高的负载 无法在服务器上每24小时运行一次这个简单的cronjob。 哪里不对? 部署多个服务器 当他们的LDAP帐户被禁用时,如何强制mac移动帐户用户注销或locking? 团队速度计算器 find链接的邮箱 解释一下ubuntu 9.04 apache2进程是如何pipe理的 如何pipe理非域join的Windows XP机器上的软件的安装和configuration? Windows 2008 R2 AD服务器无风扇闪存系统 暂时禁用系统中心监控 configurationnginxlogging原始请求者IP(而不是转发代理的IP)

特例ssh连接滞后

build立

我们在办公室有一个DMZ和局域网,通过以下设置连接到外部: 

+------+ | |------> LAN (normal office router) |Modem | | |------> DMZ (a single machine) +------+

我们的互联网账号是Comcast,我们有5个状态IP,其中一个指向DMZ中的单机。

问题

ssh连接发起任何地方除了办公室局域网真的很快 。 但是,从局域网来看,大约有5秒钟的延迟。 WTF?

额外的信息

DMZ机是debian 5。

执行wget到DMZ没有滞后。

当执行以下任何操作时, HERE IS WHERE THE LAG IS INCURRED所有内容都是立即执行的。 

 ssh -vvvv [email protected] ... debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: Wrote 16 bytes for a total of 1015 debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug3: Wrote 48 bytes for a total of 1063 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/shopkins/.ssh/id_rsa (0x22440830) debug2: key: /home/shopkins/.ssh/identity ((nil)) debug2: key: /home/shopkins/.ssh/id_dsa ((nil)) debug3: Wrote 64 bytes for a total of 1127` HERE IS WHERE THE LAG IS INCURRED debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/shopkins/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug3: Wrote 368 bytes for a total of 1495 debug1: Authentications that can continue: publickey,password debug1: Trying private key: /home/shopkins/.ssh/identity debug3: no such identity: /home/shopkins/.ssh/identity debug1: Trying private key: /home/shopkins/.ssh/id_dsa debug3: no such identity: /home/shopkins/.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password [email protected]'s password:

最有可能不得不等待反向DNS查询超时/失败。

尝试在/ etc / ssh / sshd_config中设置 (假设你使用的是openssh的默认安装),看看是否解决了你的问题。 

 UseDNS no

您必须将"UseDNS no"添加到您尝试连接的目标主机上的/ etc / ssh / sshd_config文件中。

注意sshd_configssh_config之间的区别。

您必须重新启动目标主机上的ssh守护进程:

(对于FreeBSD) 

 /etc/rc.d/sshd restart