我遇到了一个非常有趣的情况。我有一台运行 CentOS5.5 的服务器,每当我尝试使用任何外部接口 ssh 时,都会持续出现 4 秒以上的延迟。每当我使用内部接口时,就不会出现这样的延迟。例如,从 mycomputer2 ssh 进入 mycomputer1 几乎没有延迟,但从 mycomputer2 ssh 进入 mycomputer1.com 会转到外部接口,延迟就在这里发生。/var/log/messages 使用密码登录时会显示此信息,并进行了一些删减:
Mar 18 10:18:06 somecomputer sshd[788]: pam_unix(sshd:auth): authentication failure;
Mar 18 10:18:06 somecomputer sshd[788]: pam_krb5[788]: TGT verified using key for ...
Mar 18 10:18:06 somecomputer sshd[788]: pam_krb5[788]: authentication succeeds for user
Mar 18 10:18:12 somecomputer sshd[788]: Accepted password for user from computer port myport ssh2
Mar 18 10:18:13 somecomputer sshd[788]: pam_unix(sshd:session): session opened for user myuser by (uid=0)
这是 /etc/pam.d/sshd:
auth include system-auth
account required pam_nologin.so
account include system-auth
password include system-auth
session optional pam_keyinit.so force revoke
session include system-auth
session required pam_loginuid.so
session required pam_limits.so
这是系统身份验证:
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth sufficient pam_krb5.so use_first_pass
auth required pam_deny.so
account required pam_unix.so broken_shadow
account sufficient pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
account required pam_permit.so
password requisite pam_cracklib.so retry=3
password sufficient pam_krb5.so use_authtok
password sufficient pam_unix.so nullok use_authtok md5 shadow
password required pam_deny.so
session required pam_limits.so
session required pam_unix.so
session required pam_krb5.so use_first_pass
答案1
这是 DNS 问题,添加UseDNS no到 /etc/ssh/sshd_config,重新加载 ssh 并查看是否有变化。