[root@localhost ~]# ssh -v [email protected] OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.xxx.xxx [192.168.xxx.xxx] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: loaded 3 keys debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.3 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY The authenticity of host '192.168.xxx.xxx (192.168.xxx.xxx)' can't be established. RSA key fingerprint is 04:08:57:22:7e:8d:dc:d3:8e:91:20:d0:ba:d9:ed:78. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.xxx.xxx' (RSA) to the list of known hosts. debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Unspecified GSS failure. Minor code may provide more information No credentials cache found debug1: Next authentication method: publickey debug1: Trying private key: /root/.ssh/identity debug1: Trying private key: /root/.ssh/id_rsa debug1: Trying private key: /root/.ssh/id_dsa debug1: Next authentication method: password [email protected]'s password: debug1: Authentication succeeded (password). debug1: channel 0: new [client-session] debug1: Entering interactive session. debug1: Sending environment. debug1: Sending env LANG = en_US.UTF-8 Last login: Sun Sep 6 08:30:47 2015 from 192.168.7.222 [root@ceglnx01 ~]# clip_image001從上面輸出信息看到有關於Unspecified GSS failure,於是我將/etc/ssh/sshd_config(服務器)或/etc/ssh/ssh_config(客戶端)將參數GSSAPIAuthentication設置為no,重啟了sshd服務,測試發現ssh登錄還是很慢。
[root@localhost ~]# service sshd status openssh-daemon (pid 3594) is running... [root@localhost ~]# service sshd restart Stopping sshd: [ OK ] Starting sshd: [ OK ]
那麼原因應該是DNS反向解析的問題,關於DNS反向解析的問題有幾個解決方法: 1:在server上/etc/hosts文件中把常用的ip和hostname加入,然後在/etc/nsswitch.conf看看程序是否先查詢hosts文件 2:在server上/etc/ssh/sshd_config文件中修改或加入UseDNS=no。然後重啟sshd服務 我在/etc/ssh/sshd_config上將UseDNS設置為no,重啟sshd服務後,然後測試ssh連接速度。果然飛快連接上。看來主要還是DNS反向解析的問題。