Ok的示例:
- strace -o t ssh -l webdev 172.27.30.141
SUSE刚装完,开始用ssh的时候,总会遇到这样的问题:输入了用户名以后,等半天才出输入密码的框,很是急人。这是dns反查造成的。
解决方法:编辑 /etc/ssh/sshd_conf , 将 #UseDNS yes 取消注释,设为no ,重启sshd
( /etc/rc.d/sshd restart)
UseDNS no //这儿不能写为:No,大写,会出错的
然后:
/etc/rc.d/sshd restart
用户第一次链接新的sshd时,可能出现下面这种错误:
> ssh wcw@192.168.1.100
Host key not found from database.
Key fingerprint:
xofiz-zilip-tokar-rupyb-tufer-tahyc-sibah-kyvuf-palik-hazyt-duxux
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
warning: tcsetattr failed in ssh_rl_set_tty_modes_for_fd: fd 1: Interrupted system call
解决办法是用:
strace -o t ssh wcw@192.168.1.100
也就是前面加上“strace -o t”,-o的意思如下:
-o file -- send trace output to FILE instead of stderr
这样就可以成功登录,然后退出后用正常的登录办法即可。前面生成的文件t也可以删掉了。
为什么加上strace就可以,具体是什么道理也没搞明白。该方法是google来的,具体链接已经找不到了。。。
- strace -o t ssh -l admin 172.17.150.17*
Host key not found from database.
Key fingerprint:
xuror-ledab-buhim-zohok-tanop-cyrig-tysac-gyhyp-refan-semim-pyxex
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)?
好像用这个也成:
- ssh -lroot -p36000 10.160.**.** -q
原因:
strace就是用来跟踪系统跳用和信号的。
这应该是ssh的bug。如果用strace调试的话,这个工具可以影响到信号处理,估计这样一搞就能让你有机会完成getkey之类的动作。
然后,下次再运行的时候本地也就会有正确的配置了。
深层分析:
首先要开ssh服务,查看一下。。
root@unbuntu:/etc# ps -ef |grep ssh
root 3996 1 0 13:51 ? 00:00:00 /usr/sbin/sshd
root 4463 3996 0 15:04 ? 00:00:00 sshd: nova [priv]
sshd 4464 4463 0 15:04 ? 00:00:00 sshd: nova [net]
root 4466 4310 0 15:04 pts/1 00:00:00 grep ssh
root@unbuntu:/etc# strace -p 4464
Process 4464 attached – interrupt to quit
select(4, [3], NULL, NULL, NULL) = 1 (in [3])
read(3, “\210\270\232z-\231lh,\341_\377\351\22X.tNVHFw\25=\310\235″…, 8192) = 144
write(4, “\0\0\0\17\v”, 5) = 5
write(4, “\0\0\0\nnovaserver “, 14) = 14
read(4, “\0\0\0\5″, 4) = 4
read(4, “\f\0\0\0\1″, 5) = 5
write(4, “\0\0\0\0011″, 5) = 5
read(4, “\0\0\0\t”, 4) = 4
read(4, “2\0\0\0\1\0\0\0\0″, 9) = 9
write(3, “\243\273r<\267\245F\374\201H(|~>f\36\337\306\367\341\374″…, 32) = 32
write(4, “\0\0\5/\31″, 5) = 5
write(4, “\0\0\0 \206\347\3\357\16\223\315\23_\267;\32\231\325\263″…, 1326) = 1326
exit_group(0) = ?
Process 4464 detached
上面解析到的就是我的ssh服务的密码,对应的用户是nova… [好害怕...]
上面这些需要开一个ssh的client来验证…
nova@unbuntu:~$ ssh 192.168.150.244 [回车]
nova@192.168.150.244’s password: [确认对端已经监听,解析 strace -p pid ]
Linux unbuntu 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686
The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.
To access official Ubuntu documentation, please visit:
http://help.ubuntu.com/
Last login: Mon Nov 24 15:02:44 2008 from 192.168.150.244
nova@unbuntu:~$
剩下的,你就可以看你的密码了,其实还有别的工具,truss…
CentOs5.5实际简单示例:
- ssh -lroot -p36000 10.160.**.** -q
- yum install strace
- Installed:
- strace.i386 0:4.5.18-5.el5_5.5
- Complete!
- [root@jackxiang ~]# ps aux|grep ssh
- root 1866 0.0 0.2 7208 756 ? Ss Jun18 0:00 /usr/sbin/sshd
- root 5305 0.4 0.9 10036 2872 ? Ss 10:08 0:00 sshd: root@pts/ 0
- root 5338 0.0 0.2 3996 692 pts/0 D+ 10:09 0:00 grep ssh
- strace -p 5305
- select(9, [3 5 8], [3], NULL, NULL) = 2 (in [8], out [3])
- rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
- rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
- read(8, "\"\\\"\\\\\\\"\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"\\"..., 16384) = 370
- write(3, "\251\\+K\256b\325v\270\27\202\vXQ\246\331\211\234\340a}\271\371\203\344\226>\5|\370}\341"..., 420) = 420
- select(9, [3 5 8], [3], NULL, NULL) = 2 (in [8], out [3])
- rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0