SSH在Centos 6上缓慢登录_Centos_Centos6_Openssh

SSH在Centos 6上缓慢登录

centos

SSH在Centos 6上缓慢登录,centos,centos6,openssh,Centos,Centos6,Openssh,我们有一个服务器集群，有些是Centos 5.9，有些是6.5 如果我使用ssh从5.9机器连接到5.9机器，连接会很快 [user@cn10procms00 ~]$ time ssh cn10proadbe00 "exit;" real 0m0.147s user 0m0.005s sys 0m0.004s [user@cn10procms00 ~]$ time ssh cn10prowidx01 "exit;" real 0m0.113s user 0m0.

我们有一个服务器集群，有些是Centos 5.9，有些是6.5

如果我使用ssh从5.9机器连接到5.9机器，连接会很快

[user@cn10procms00 ~]$ time ssh cn10proadbe00 "exit;"
real    0m0.147s
user    0m0.005s
sys     0m0.004s

[user@cn10procms00 ~]$ time ssh cn10prowidx01 "exit;"
real    0m0.113s
user    0m0.005s
sys     0m0.003s

如果我使用ssh从5.9机器连接到6.5机器，连接会很快

[user@cn10procms00 ~]$ time ssh cn10proadbe00 "exit;"
real    0m0.147s
user    0m0.005s
sys     0m0.004s

[user@cn10procms00 ~]$ time ssh cn10prowidx01 "exit;"
real    0m0.113s
user    0m0.005s
sys     0m0.003s

但是，如果我使用ssh从6.5机器连接到6.5机器，则连接速度会很慢（从6.5机器到5.9机器的ssh连接也是如此）

在详细模式下运行的客户端也显示了同样的情况

[user@cn10prowidx00 ~]$ time ssh -vv cn10prowidx01 "exit;"
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to cn10prowidx01 [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /home/steve.cherry/.ssh/identity type -1
debug1: identity file /home/steve.cherry/.ssh/identity-cert type -1
debug1: identity file /home/steve.cherry/.ssh/id_rsa type -1
debug1: identity file /home/steve.cherry/.ssh/id_rsa-cert type -1
debug1: identity file /home/steve.cherry/.ssh/id_dsa type -1
debug1: identity file /home/steve.cherry/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 144/256
debug2: bits set: 510/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'cn10prowidx01' is known and matches the RSA host key.
debug1: Found key in /home/steve.cherry/.ssh/known_hosts:1
debug2: bits set: 506/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/steve.cherry/id_rsa (0x7fc093834d90)
debug2: key: /home/steve.cherry/.ssh/identity ((nil))
debug2: key: /home/steve.cherry/.ssh/id_rsa ((nil))
debug2: key: /home/steve.cherry/.ssh/id_dsa ((nil))
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/steve.cherry/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: SHA1 fp f1:0a:91:09:e0:61:88:a0:06:5f:b4:ee:12:b9:7d:03:73:c9:42:7d
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug2: channel 0: request env confirm 0
debug1: Sending command: exit;
debug2: channel 0: request exec confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
Transferred: sent 2472, received 2312 bytes, in 0.0 seconds
Bytes per second: sent 61830.6, received 57828.7
debug1: Exit status 0

real    0m1.120s
user    0m0.008s
sys     0m0.005s

有人见过这个吗，有人能帮忙吗

谢谢

Steve

延迟/缓慢是由指定主机名的DNS查找引起的

可能的解决办法：

将
```
UseDNS no
```
添加到
```
/etc/ssh/sshd\u config
```
（如果配置条目已经存在，则将其设置为“no”）
在服务器上的
```
/etc/hosts
```
中添加主机名=>ip的映射

使用

/etc/init.d/sshd Restart重新启动ssh服务器

在/etc/ssh/ssh\u配置中设置GSSAPIAuthentication=no
。

如果要在没有根访问权限的情况下进行测试，请将此文件复制到本地_文件
和使用
ssh -F path/to/local_file ....