web-dev-qa-db-ja.com

CentOSでのsshログインが遅い

VMwareにCentOS6.8をインストールしていますが、sshログインプロセスが非常に遅いです。

_-v_オプションを使用して問題を診断しようとしましたが、最後の行で数秒間停止したことがわかりました。

OpenSSH_7.5p1, OpenSSL 1.0.2k 26 Jan 2017 debug1: Connecting to 192.168.17.128 [192.168.17.128] port 22. debug1: Connection established. debug1: identity file /home/theos/.ssh/id_rsa type 1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_rsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_dsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_dsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_ecdsa type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_ecdsa-cert type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_ed25519 type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/theos/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.5 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000 debug1: Authenticating to 192.168.17.128:22 as 'drizzlex' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: diffie-hellman-group-exchange-sha256 debug1: kex: Host key algorithm: ssh-rsa debug1: kex: server->client cipher: aes128-ctr MAC: [email protected] compression: none debug1: kex: client->server cipher: aes128-ctr MAC: [email protected] compression: none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<3072<8192) sent debug1: got SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: got SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server Host key: ssh-rsa SHA256:9FbIfP7k2QdKsR7iWic5+WehvIeI2C/v8UCNwQws9bs debug1: Host '192.168.17.128' is known and matches the RSA Host key. debug1: Found key in /home/theos/.ssh/known_hosts:2 debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_SERVICE_ACCEPT received

それからそれは続きました

debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: publickey debug1: Offering RSA public key: /home/theos/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Authentication succeeded (publickey). Authenticated to 192.168.17.128 ([192.168.17.128]:22). debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. debug1: pledge: network Last login: Sun Apr 16 11:02:29 2017 from 192.168.17.1

どうすればこの問題を解決できますか?

1
DrizzleX

SSHログインが遅いのは、多くの場合、 seDNS/etc/ssh/sshd_config(サーバー側)で有効になっていることが原因です。このオプションは、 OpenSSH 6.8 までデフォルトで有効になっていることに注意してください。

代わりにUseDNS noを設定してみてください。設定が有効になるように、必ずsshdを再起動してください。 kill -HUP <sshd_pid>して構成を再ロードすることもできます。

3
jjlin