问题:putty(Win7)和 linux ssh 服务器之间的密钥交换大约需要 10 秒。在将我的网络移至新位置之前,这种情况没有发生。我连接到 3 个不同的盒子,它们都运行着 debian 发行版。版本范围从 8.0(jessie)到 9.5(stretch)。
延迟发生在任何用户名或密码提示之前。我通常使用私钥身份验证,但即使关闭 Pageant,也没有什么区别,因为延迟发生在任何身份验证之前。
所有 3 个服务器在初始密钥交换期间都有相同的延迟。其中一个服务器的日志输出如下。所有 3 个服务器都挂在完全相同的位置,并给出相同的消息,表示有其他密钥,但 PuTTY 无法识别它们。查看之前和之后的时间:“事件日志:服务器还有 ecdsa-sha2-nistp256/ssh-dss/ssh-rsa 主机密钥,但我们不知道其中任何一个”
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2018.08.11 09:23:10 =~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH raw data mode) to file: D:\tmp\putty.log
Event Log: Connecting to 192.168.1.242 port 22
Event Log: We claim version: SSH-2.0-PuTTY_Release_0.70
Incoming raw data at 2018-08-11 09:23:10
Event Log: Server version: SSH-2.0-OpenSSH_6.7p1 Raspbian-5+deb8u3
Event Log: Using SSH protocol version 2
Outgoing packet #0x0, type 20 / 0x14 (SSH2_MSG_KEXINIT)
Outgoing raw data at 2018-08-11 09:23:10
Incoming raw data at 2018-08-11 09:23:10 ........
Incoming packet #0x0, type 20 / 0x14 (SSH2_MSG_KEXINIT)
Event Log: Doing Diffie-Hellman group exchange
Outgoing packet #0x1, type 34 / 0x22 (SSH2_MSG_KEX_DH_GEX_REQUEST)
Outgoing raw data at 2018-08-11 09:23:10 .......
Incoming raw data at 2018-08-11 09:23:10 ........
Incoming packet #0x1, type 31 / 0x1f (SSH2_MSG_KEX_DH_GEX_GROUP)
Event Log: Doing Diffie-Hellman key exchange with hash SHA-256
Outgoing packet #0x2, type 32 / 0x20 (SSH2_MSG_KEX_DH_GEX_INIT) .....
Outgoing raw data at 2018-08-11 09:23:10
Incoming raw data at 2018-08-11 09:23:10
Incoming packet #0x2, type 33 / 0x21 (SSH2_MSG_KEX_DH_GEX_REPLY) ...
Event Log: Server also has ecdsa-sha2-nistp256/ssh-dss/ssh-rsa host keys, but we don't know any of them
Event Log: Host key fingerprint is:
Event Log: ssh-ed25519 256 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Outgoing packet #0x3, type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Outgoing raw data at 2018-08-11 09:23:23
Event Log: Initialised AES-256 SDCTR client->server encryption
Event Log: Initialised HMAC-SHA-256 client->server MAC algorithm
Outgoing raw data at 2018-08-11 09:23:23
Incoming packet #0x3, type 21 / 0x15 (SSH2_MSG_NEWKEYS)
Event Log: Initialised AES-256 SDCTR server->client encryption
Event Log: Initialised HMAC-SHA-256 server->client MAC algorithm
Outgoing packet #0x4, type 5 / 0x05 (SSH2_MSG_SERVICE_REQUEST)
我已经尝试了所有其他解决 ssh 延迟的建议:禁用反向 DNS 查找、修复任何 DNS 问题、禁用 GSSAPIAuthentication。我尝试了来自各个论坛上各种帖子的至少六种其他修复方法。它们都对此没有任何影响。
编辑:我将 openssh 添加到我的 cygwin 中,这样我就可以从 cygwin 毫无延迟地 ssh 到这些盒子中。