ssh在发送SSH2请求(1024<;7680<;8192)时卡住
我可以通过networkmanager和openconnect插件连接到vpn。 但当我连接到该公司的服务器时,我得到了以下日志:ssh在发送SSH2请求(1024<;7680<;8192)时卡住,ssh,Ssh,我可以通过networkmanager和openconnect插件连接到vpn。 但当我连接到该公司的服务器时,我得到了以下日志: [root@XSign ssh]# ssh username@xxx -v OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to xxx [x.x.x.x] port 22. debug
[root@XSign ssh]# ssh username@xxx -v
OpenSSH_7.1p1, OpenSSL 1.0.2d 9 Jul 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to xxx [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH_5* compat 0x0c000000
debug1: Authenticating to xxx:22 as 'username'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64@openssh.com none
debug1: kex: client->server aes128-ctr umac-64@openssh.com none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<3072<8192) sent
[root@XSign嘘]#嘘username@xxx-v
OpenSSH_7.1p1、OpenSSL 1.0.2d 2015年7月9日
debug1:读取配置数据/etc/ssh/ssh\u config
debug1:连接到xxx[x.x.x.x]端口22。
debug1:已建立连接。
debug1:永久\u设置\u uid:0/0
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id_rsa type-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id\u rsa-cert类型-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:标识文件/root/.ssh/id_dsa类型-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id_dsa-cert类型-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id_ecdsa type-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id_ecdsa-cert type-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id_ed25519 type-1
debug1:key\u load\u public:没有这样的文件或目录
debug1:identity file/root/.ssh/id_ed25519-cert type-1
debug1:启用协议2.0的兼容模式
debug1:本地版本字符串SSH-2.0-OpenSSH_7.1
debug1:远程协议版本2.0,远程软件版本OpenSSH_5.3
debug1:匹配:OpenSSH_5.3 pat OpenSSH_5*compat 0x0000000
debug1:以“用户名”身份验证到xxx:22
debug1:SSH2\u MSG\u KEXINIT已发送
debug1:SSH2\u MSG\u KEXINIT已收到
debug1:kex:server->client aes128 ctr umac-64@openssh.com没有一个
debug1:kex:client->server aes128 ctr umac-64@openssh.com没有一个
debug1:SSH2\u MSG\u KEX\u DH\u GEX\u请求(1024尝试调整MTU大小。
我也遇到了同样的问题(另一个隧道),将MTU大小设置为更小的值为我解决了问题。MACs hmac-md5、hmac-sha1、umac-64@openssh.com,hmac-ripemd160
取消/etc/ssh/ssh_config中第行上方的记录,解决了问题。您的目标服务器似乎不支持现代HMAC,只允许较旧(可能不安全)的HMAC。因此,源计算机上的默认ssh客户端设置阻止了连接
您可以根据具体情况对此进行覆盖,例如:
ssh -m umac-64@openssh.com targetserver
ssh -m hmac-sha1 targetserver
ssh -m hmac-md5 targetserver
或者,正如上面@hacksign所建议的,您可以通过在/etc/ssh/ssh\u config
中取消对以下行的注释,永久允许使用(可能)不安全的HMAC:
MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
你能发布更详细的日志吗(使用-vvv
)看看它到底挂在哪里吗?有时会出现长串的密码、KEXS和MACS,还有一些防火墙或其他工具。前一台笔记本电脑的版本是什么?StAccess是软件开发问题。你应该考虑一下。或者你在XXX之后有一个连接被关闭了吗?我和山姆有类似的问题。e症状。MACs hmac-md5、hmac-sha1、umac-64@openssh.com,hmac-ripemd160撤消/etc/ssh/ssh_config中行上方的文档,解决了该问题。