SSH is slow to make a connection
1. su
2. vi /etc/ssh/sshd_config
3. add UseDNS no
4. /etc/init.d/sshd restart
使用strace命令来跟踪慢的问题
- 检查服务器SSH配置文件(sshd_config)的UseDNS配置项是否开启
vi /etc/ssh/sshd_config
- 该配置文件,默认会有一个注释的(#UseDNS yes)配置项,但该项的缺省值是yes,所以需要显式地设置为no
-
#UseDNS yes -
UseDNS no
注:UseDNS配置项主要用于安全加固,默认为yes开启时,连接过程慢是因为客户端(Client)通过SSH协议连接服务端(Server)时,服务端会进行4次的DNS反向解析请求(每次请求失败间隔5s),即服务端会根据客户端的IP进行DNS反向解析查询出客户端的主机名,然后再根据查询出的主机名进行DNS正向解析,最后验证解析出来的IP与原始客户端IP是否一致,已达到防止客户端欺骗的目的。如果我们的客户端IP在DNS服务器中没有配置PTR反向解析记录,那么就会导致请求无响应,直至请求超时才会进行下一步的SSH连接。
- 重启ssh服务
service sshd restart
vscode sftp插件问题:
https://github.com/liximomo/vscode-sftp/wiki/Common-Config
更改connectTimeout的值即可完成最大超时时间的配置,改成300,
默认值是:
connectTimeout
number - the maximum connection time
Default
10000
SFTP点上传有时候没有反应,我们观察下正常的上传日志:
run command 'Upload File'
[03-09 00:59:15] [warn] ENOENT: no such file or directory, open 'C:\Users\Admin\.ssh\config' load C:\Users\Admin\.ssh\config failed
[03-09 00:59:15] [trace] handle upload file for e:xxx.js
[03-09 00:59:15] [debug] Local ident: 'SSH-2.0-ssh2js0.4.5'
[03-09 00:59:15] [debug] Client: Trying 7.13.18.230 on port 19800 ...
[03-09 00:59:15] [debug] Client: Connected
[03-09 00:59:15] [debug] Remote ident: 'SSH-2.0-OpenSSH_7.4'
[03-09 00:59:15] [debug] Outgoing: Writing KEXINIT
[03-09 00:59:15] [debug] DEBUG: Comparing KEXINITs ...
[03-09 00:59:15] [debug] (local) KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
[03-09 00:59:15] [debug] (remote) KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
[03-09 00:59:15] [debug] KEX algorithm: ecdh-sha2-nistp256
[03-09 00:59:15] [debug] (local) Host key formats: ssh-ed25519,ssh-rsa,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
[03-09 00:59:15] [debug] (remote) Host key formats: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
[03-09 00:59:15] [debug] Host key format: ssh-ed25519
[03-09 00:59:15] [debug] (local) Client->Server ciphers: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes128-gcm@openssh.com,aes256-gcm,aes256-gcm@openssh.com
[03-09 00:59:15] [debug] (remote) Client->Server ciphers: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
[03-09 00:59:15] [debug] Client->Server Cipher: aes128-ctr
[03-09 00:59:15] [debug] (local) Server->Client ciphers: aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm,aes128-gcm@openssh.com,aes256-gcm,aes256-gcm@openssh.com
[03-09 00:59:15] [debug] (remote) Server->Client ciphers: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,cast128-cbc,3des-cbc
[03-09 00:59:15] [debug] Server->Client Cipher: aes128-ctr
[03-09 00:59:15] [debug] (local) Client->Server HMAC algorithms: hmac-sha2-256,hmac-sha2-512,hmac-sha1
[03-09 00:59:15] [debug] (remote) Client->Server HMAC algorithms: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[03-09 00:59:15] [debug] Client->Server HMAC algorithm: hmac-sha2-256
[03-09 00:59:15] [debug] (local) Server->Client HMAC algorithms: hmac-sha2-256,hmac-sha2-512,hmac-sha1
[03-09 00:59:15] [debug] (remote) Server->Client HMAC algorithms: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
[03-09 00:59:15] [debug] Server->Client HMAC algorithm: hmac-sha2-256
[03-09 00:59:15] [debug] (local) Client->Server compression algorithms: none,zlib@openssh.com,zlib
[03-09 00:59:15] [debug] (remote) Client->Server compression algorithms: none,zlib@openssh.com
[03-09 00:59:15] [debug] Client->Server compression algorithm: none
[03-09 00:59:15] [debug] (local) Server->Client compression algorithms: none,zlib@openssh.com,zlib
[03-09 00:59:15] [debug] (remote) Server->Client compression algorithms: none,zlib@openssh.com
[03-09 00:59:15] [debug] Server->Client compression algorithm: none
[03-09 00:59:15] [debug] Outgoing: Writing KEXECDH_INIT
[03-09 00:59:16] [debug] DEBUG: Checking host key format
[03-09 00:59:16] [debug] DEBUG: Checking signature format
[03-09 00:59:16] [debug] DEBUG: Verifying host fingerprint
[03-09 00:59:16] [debug] DEBUG: Host accepted by default (no verification)
[03-09 00:59:16] [debug] DEBUG: Verifying signature
[03-09 00:59:16] [debug] Outgoing: Writing NEWKEYS
[03-09 00:59:16] [debug] Outgoing: Writing SERVICE_REQUEST (ssh-userauth)
[03-09 00:59:16] [debug] Outgoing: Writing USERAUTH_REQUEST (none)
[03-09 00:59:16] [debug] Client: none auth failed
[03-09 00:59:16] [debug] Outgoing: Writing USERAUTH_REQUEST (password)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_OPEN (0, session)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_REQUEST (0, subsystem: sftp)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing MKDIR
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing LSTAT
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing OPEN
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing FSTAT
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing FSETSTAT
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing WRITE
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing WRITE
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing WRITE
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing WRITE
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing FSETSTAT
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [debug] Outgoing: Writing CLOSE
[03-09 00:59:16] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 00:59:16] [info] local ➞ remote e:\xxx.js
[03-09 00:59:46] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
有时候点xx.js上传几秒没有反应,这时候又点击上传,有反应了:
03-09 01:05:01] [trace] run command 'Upload File'
[03-09 01:05:01] [trace] run command 'Upload File'
[03-09 01:05:01] [trace] handle upload file fore:\xx.js
[03-09 01:05:01] [trace] handle upload file fore:\xx.js
[03-09 01:05:01] [debug] Outgoing: Writing MKDIR
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing MKDIR
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing LSTAT
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing LSTAT
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing OPEN
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing OPEN
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing FSTAT
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing FSTAT
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing FSETSTAT
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing FSETSTAT
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing WRITE
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:01] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing WRITE
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing WRITE
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing FSETSTAT
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing WRITE
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing CLOSE
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [debug] Outgoing: Writing FSETSTAT
[03-09 01:05:02] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:02] [info] local ➞ remotee:\xx.js
[03-09 01:05:03] [debug] Outgoing: Writing CLOSE
[03-09 01:05:03] [debug] Outgoing: Writing CHANNEL_DATA (0)
[03-09 01:05:03] [info] local ➞ remotee:\xx.js
有时候是这里没有反应:
03-09 02:02:07] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:02:37] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:03:42] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:04:36] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:06:12] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:07:24] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:08:38] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
[03-09 02:09:56] [debug] Outgoing: Writing ping (GLOBAL_REQUEST: keepalive@openssh.com)
经常是上面这种情况。