ssh 连接很慢
ssh 连接很慢, 连接成功以后, 速度回复正常.
这里, 可以用 ssh -v 输出 debug 信息, 以得知具体是哪一步卡住了.
我这里的原因如下:
- 因为版本不匹配导致加密算法不兼容
OpenSSH_8.9p1 Ubuntu-3ubuntu0.10, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /home/yinchao/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.50.200 [192.168.50.200] port 22.
debug1: Connection established.
debug1: identity file /home/yinchao/local_test type -1
debug1: identity file /home/yinchao/local_test-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: compat_banner: match: OpenSSH_5.3 pat OpenSSH_5 compat 0x0c000002
debug1: Authenticating to 192.168.50.200:22 as 'yinchao'
debug1: load_hostkeys: fopen /home/yinchao/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha256
debug1: kex: host key algorithm: (no match)
Unable to negotiate with 192.168.50.200 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
- 因为使用了 gsapi-with-mic 加密算法, 用了一些时间
debug1: Next authentication method: gssapi-with-mic
解决:
可以修改配置文件 /etc/ssh/config, 修改些配置:
PubkeyAcceptedKeyTypes=+ssh-rsa
HostKeyAlgorithms=+ssh-rsa
GSSAPIAuthentication no
或者修改 某一台指定机器时, 使用什么配置 /home/yinchao/.ssh/config:
Host 192.168.50.200
PubkeyAcceptedKeyTypes=+ssh-rsa
HostKeyAlgorithms=+ssh-rsa
GSSAPIAuthentication no
总结
具体情况不一样, 所面临的问题就不一样, 具体是要会使用 ssh -v 选项调试和排查具体的问题.
