设置
我们的办公室有一个 DMZ 和 LAN,它们通过以下设置连接到外部:
+------+
| |------> LAN (normal office router)
|Modem |
| |------> DMZ (a single machine)
+------+
我们的互联网帐户在康卡斯特,我们有 5 个状态 IP,其中一个指向 DMZ 中的单台机器。
问题
除办公室局域网外,在任何地方都可以发起 ssh 连接非常快。但是,从局域网来看,大约有 5 秒的延迟。WTF??
额外信息
DMZ 机器是 debian 5。
执行wget
到 DMZ 没有滞后。
执行以下操作时,将HERE IS WHERE THE LAG IS INCURRED
立即执行所有内容。
ssh -vvvv [email protected]
...
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1015
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 48 bytes for a total of 1063
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/shopkins/.ssh/id_rsa (0x22440830)
debug2: key: /home/shopkins/.ssh/identity ((nil))
debug2: key: /home/shopkins/.ssh/id_dsa ((nil))
debug3: Wrote 64 bytes for a total of 1127`
HERE IS WHERE THE LAG IS INCURRED
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/shopkins/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 368 bytes for a total of 1495
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/shopkins/.ssh/identity
debug3: no such identity: /home/shopkins/.ssh/identity
debug1: Trying private key: /home/shopkins/.ssh/id_dsa
debug3: no such identity: /home/shopkins/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
[email protected]'s password:
答案1
最有可能的是必须等待反向 DNS 查找超时/失败。
尝试设置这个/etc/ssh/sshd_config(假设您使用的是 openssh 的默认安装)并查看是否能解决您的问题。
UseDNS no
答案2
您必须添加"UseDNS no"
到文件中/etc/ssh/sshd_config在目的地您正在尝试连接的主机。
注意以下区别:sshd_配置和ssh_配置。
您必须在目标主机上重新启动 ssh 守护程序:
(适用于 FreeBSD)
/etc/rc.d/sshd restart