特殊情况 ssh 连接滞后

tag-icon tag-icon ssh debian
特殊情况 ssh 连接滞后

设置

我们的办公室有一个 DMZ 和 LAN,它们通过以下设置连接到外部:

+------+
|      |------> LAN (normal office router)
|Modem |
|      |------> DMZ (a single machine)
+------+

我们的互联网帐户在康卡斯特,我们有 5 个状态 IP,其中一个指向 DMZ 中的单台机器。

问题

除办公室局域网外,在任何地方都可以发起 ssh 连接非常快。但是,从局域网来看,大约有 5 秒的延迟。WTF??

额外信息

DMZ 机器是 debian 5。

执行wget到 DMZ 没有滞后。

执行以下操作时,将HERE IS WHERE THE LAG IS INCURRED立即执行所有内容。

ssh -vvvv [email protected]

...
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1015
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1063
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/shopkins/.ssh/id_rsa (0x22440830)
debug2: key: /home/shopkins/.ssh/identity ((nil))
debug2: key: /home/shopkins/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1127`


HERE IS WHERE THE LAG IS INCURRED


debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/shopkins/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1495
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/shopkins/.ssh/identity
debug3: no such identity: /home/shopkins/.ssh/identity
debug1: Trying private key: /home/shopkins/.ssh/id_dsa
debug3: no such identity: /home/shopkins/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
[email protected]'s password:

答案1

最有可能的是必须等待反向 DNS 查找超时/失败。

尝试设置这个/etc/ssh/sshd_config(假设您使用的是 openssh 的默认安装)并查看是否能解决您的问题。

UseDNS no

答案2

您必须添加"UseDNS no"到文件中/etc/ssh/sshd_config目的地您正在尝试连接的主机。

注意以下区别:sshd_配置ssh_配置

您必须在目标主机上重新启动 ssh 守护程序:

(适用于 FreeBSD)

/etc/rc.d/sshd restart

相关内容