我正在尝试使用Rocketeer将Laravel站点部署到开发服务器(基于cPanel)。 我在维护SSH连接时遇到问题,服务器在初始build立连接后正在断开连接。
这个过程最初可以build立一个连接,而且我知道我的公钥authentication正在工作,因为我能够使用语法ssh [email protected]直接连接到服务器。
grepped上显示相关行的服务器上的日志文件如下:
root@cyrus [/var/log]# cat secure | grep 79.125.223.206 Jul 23 05:55:26 tri sshd[8502]: Received disconnect from 79.125.223.206: 11: Jul 23 05:55:51 tri sshd[8532]: Connection closed by 79.125.223.206 Jul 23 05:56:01 tri sshd[8538]: Accepted publickey for nrfiorg from 79.125.223.206 port 54142 ssh2 Jul 23 05:56:09 tri sshd[8542]: Received disconnect from 79.125.223.206: 11: disconnected by user Jul 23 05:56:18 tri sshd[8588]: Received disconnect from 79.125.223.206: 11: Jul 23 05:56:54 tri sshd[8601]: Received disconnect from 79.125.223.206: 11: Jul 23 05:57:05 tri sshd[8607]: Received disconnect from 79.125.223.206: 11: Jul 23 05:58:43 tri sshd[8668]: Accepted password for nrfiorg from 79.125.223.206 port 54521 ssh2 Jul 23 05:58:45 tri sshd[8672]: Received disconnect from 79.125.223.206: 11: Jul 23 05:58:47 tri sshd[8698]: Accepted password for nrfiorg from 79.125.223.206 port 54524 ssh2 Jul 23 05:58:48 tri sshd[8702]: Received disconnect from 79.125.223.206: 11: Jul 23 05:58:50 tri sshd[8720]: Accepted password for nrfiorg from 79.125.223.206 port 54527 ssh2 Jul 23 05:58:51 tri sshd[8733]: Received disconnect from 79.125.223.206: 11: Jul 23 06:01:36 tri sshd[8997]: Accepted password for nrfiorg from 79.125.223.206 port 54960 ssh2 Jul 23 06:01:38 tri sshd[9001]: Received disconnect from 79.125.223.206: 11: Jul 23 06:03:10 tri sshd[9083]: Accepted password for nrfiorg from 79.125.223.206 port 55237 ssh2 Jul 23 06:03:12 tri sshd[9091]: Received disconnect from 79.125.223.206: 11: Jul 23 06:03:16 tri sshd[9117]: Accepted password for nrfiorg from 79.125.223.206 port 55266 ssh2 Jul 23 06:03:17 tri sshd[9121]: Received disconnect from 79.125.223.206: 11: Jul 23 06:03:21 tri sshd[9152]: Accepted password for nrfiorg from 79.125.223.206 port 55295 ssh2 Jul 23 06:03:23 tri sshd[9160]: Received disconnect from 79.125.223.206: 11: Jul 23 06:03:25 tri sshd[9186]: Accepted password for nrfiorg from 79.125.223.206 port 55322 ssh2 Jul 23 06:03:27 tri sshd[9190]: Received disconnect from 79.125.223.206: 11: Jul 23 06:03:43 tri sshd[9216]: Accepted password for nrfiorg from 79.125.223.206 port 55349 ssh2 Jul 23 06:03:44 tri sshd[9220]: Received disconnect from 79.125.223.206: 11: Jul 23 06:04:46 tri sshd[9394]: Accepted password for nrfiorg from 79.125.223.206 port 55576 ssh2 Jul 23 06:04:47 tri sshd[9398]: Received disconnect from 79.125.223.206: 11: Jul 23 06:07:12 tri sshd[9560]: Accepted password for nrfiorg from 79.125.223.206 port 55932 ssh2 Jul 23 06:07:14 tri sshd[9566]: Received disconnect from 79.125.223.206: 11: Jul 23 06:07:45 tri sshd[9588]: Accepted password for nrfiorg from 79.125.223.206 port 56019 ssh2 Jul 23 06:07:47 tri sshd[9592]: Received disconnect from 79.125.223.206: 11: Jul 23 06:40:35 tri sshd[10908]: Accepted publickey for nrfiorg from 79.125.223.206 port 60920 ssh2 Jul 23 06:40:52 tri sshd[10914]: Received disconnect from 79.125.223.206: 11: disconnected by user Jul 23 06:41:15 tri sshd[10997]: Accepted publickey for root from 79.125.223.206 port 61639 ssh2 root@cyrus [/var/log]# cat lfd.log | grep 79.125.223.206 Jul 23 13:24:36 cyrus lfd[10267]: *WHM/cPanel root access* from 79.125.223.206 root@cyrus [/var/log]# cat messages | grep 79.125.223.206 root@cyrus [/var/log]#
从上面可以看出,build立连接后,连接会下降1-2秒。
相同的部署脚本的configuration方式完全相同,但部署到不同基于cPanel的计算机上的登台服务器上执行成功。
这两个cPanel服务器已被configuration为相同的方式,但有可能是在两台服务器上configuration防火墙的方式可能有细微的差异,但是,我不知道如何可以区分两台机器上的防火墙configuration,以查看如果有任何细微的差别可能阻止dev服务器维护连接并执行部署脚本。
任何意见将不胜感激。
谢谢。
好的,有一些差异。
为了方便起见,我将调用有问题的服务器dev以及工作staging服务器dev 。
dev :PasswordAuthentication yes
staging :PasswordAuthentication no
dev :X11转发没有staging :X11转发是的
两者都有csf有一些区别:
dev :DROP_OUT_LOGGING =“1” staging :DROP_OUT_LOGGING =“0”
dev :LF_SSHD =“20” staging :LF_SSHD =“5”
dev :LF_SSHD_PERM =“3600” staging :LF_SSHD_PERM =“1”
dev :CT_LIMIT =“300” staging :CT_LIMIT =“0”
dev :CT_INTERVAL =“120” staging :CT_INTERVAL =“30”
dev :CT_SKIP_TIME_WAIT =“1” staging :CT_SKIP_TIME_WAIT =“0”
您的防火墙在dev和staging之间有一些与ssh相关的差异:
dev:LF_SSHD =“20”staging:LF_SSHD =“5”
dev:LF_SSHD_PERM =“3600”staging:LF_SSHD_PERM =“1”
这些值用于阻止试图连接太频繁的IP地址。 由于您正在重试部署脚本,因此您可能会触发最大值。 您应该更改登台服务器上的值以匹配dev服务器上的值。