Linux SSH登录很慢的解决方法(linux ssh 登录)

编辑：rootadmin

推荐整理分享Linux SSH登录很慢的解决方法(linux ssh 登录)，希望有所帮助，仅作参考，欢迎阅读内容。

文章相关热门搜索词:linuxssh登录时间长,linux ssh登录命令,linux ssh登陆慢,linux ssh登陆慢,linux ssh 登录,linuxssh登录时间长,linux ssh登录失败日志,linux ssh登录失败日志,内容如对您有帮助，希望把文章链接给更多的朋友！

使用ssh客户端（如：putty）连接Linux服务器，可能会等待-秒才有提示输入密码。严重影响工作效率。登录很慢，登录上去后速度正常，这种情况主要有两种可能的原因：

1. DNS反向解析问题

OpenSSH在用户登录的时候会验证IP，它根据用户的IP使用反向DNS找到主机名，再使用DNS找到IP地址，最后匹配一下登录的IP是否合法。如果客户机的IP没有域名，或者DNS服务器很慢或不通，那么登录就会很花时间。

解决办法：

在目标服务器上修改sshd服务器端配置,并重启sshd复制代码代码如下:vi /etc/ssh/sshd_configUseDNS no

2. 关闭ssh的gssapi认证

用ssh -v user@server 可以看到登录时有如下信息：复制代码代码如下:debug1: Next authentication method: gssapi-with-micdebug1: Unspecified GSS failure. Minor code may provide more information注：ssh -vvv user@server 可以看到更细的debug信息

解决办法：

修改sshd服务器端配置复制代码代码如下:vi /etc/ssh/ssh_configGSSAPIAuthentication no可以使用ssh -o GSSAPIAuthentication=no user@server登录

GSSAPI ( Generic Security Services Application Programming Interface) 是一套类似Kerberos 5的通用网络安全系统接口。该接口是对各种不同的客户端服务器安全机制的封装，以消除安全接口的不同，降低编程难度。但该接口在目标机器无域名解析时会有问题

使用strace查看后发现，ssh在验证完key之后，进行authentication gssapi-with-mic，此时先去连接DNS服务器，在这之后会进行其他操作复制代码代码如下:[root@--3- ~]# ssh -vvv root@..3.OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb debug1: Reading configuration data /etc/ssh/ssh_configdebug1: Applying options for *debug2: ssh_connect: needpriv 0debug1: Connecting to ..3. [..3.] port .debug1: Connection established.debug1: permanently_set_uid: 0/0debug1: identity file /root/.ssh/identity type -1debug1: identity file /root/.ssh/identity-cert type -1debug1: identity file /root/.ssh/id_rsa type -1debug1: identity file /root/.ssh/id_rsa-cert type -1debug1: identity file /root/.ssh/id_dsa type -1debug1: identity file /root/.ssh/id_dsa-cert type -1debug1: identity file /root/.ssh/id_ecdsa type -1debug1: identity file /root/.ssh/id_ecdsa-cert type -1debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3debug1: match: OpenSSH_5.3 pat OpenSSH*debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_5.3debug2: fd 3 setting O_NONBLOCKdebug1: SSH2_MSG_KEXINIT sentdebug3: Wrote bytes for a total of debug1: SSH2_MSG_KEXINIT receiveddebug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha,diffie-hellman-group-exchange-sha1,diffie-hellman-group-sha1,diffie-hellman-group1-sha1debug2: kex_parse_kexinit: ssh-rsa-cert-v@openssh.com,ssh-dss-cert-v@openssh.com,ssh-rsa-cert-v@openssh.com,ssh-dss-cert-v@openssh.com,ssh-rsa,ssh-dssdebug2: kex_parse_kexinit: aes-ctr,aes-ctr,aes-ctr,arcfour,arcfour,aes-cbc,3des-cbc,blowfish-cbc,cast-cbc,aes-cbc,aes-cbc,arcfour,rijndael-cbc@lysator.liu.sedebug2: kex_parse_kexinit: aes-ctr,aes-ctr,aes-ctr,arcfour,arcfour,aes-cbc,3des-cbc,blowfish-cbc,cast-cbc,aes-cbc,aes-cbc,arcfour,rijndael-cbc@lysator.liu.sedebug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-@openssh.com,hmac-sha2-,hmac-sha2-,hmac-ripemd,hmac-ripemd@openssh.com,hmac-sha1-,hmac-md5-debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-@openssh.com,hmac-sha2-,hmac-sha2-,hmac-ripemd,hmac-ripemd@openssh.com,hmac-sha1-,hmac-md5-debug2: kex_parse_kexinit: none,zlib@openssh.com,zlibdebug2: kex_parse_kexinit: none,zlib@openssh.com,zlibdebug2: kex_parse_kexinit:debug2: kex_parse_kexinit:debug2: kex_parse_kexinit: first_kex_follows 0debug2: kex_parse_kexinit: reserved 0debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha,diffie-hellman-group-exchange-sha1,diffie-hellman-group-sha1,diffie-hellman-group1-sha1debug2: kex_parse_kexinit: ssh-rsa,ssh-dssdebug2: kex_parse_kexinit: aes-ctr,aes-ctr,aes-ctr,arcfour,arcfour,aes-cbc,3des-cbc,blowfish-cbc,cast-cbc,aes-cbc,aes-cbc,arcfour,rijndael-cbc@lysator.liu.sedebug2: kex_parse_kexinit: aes-ctr,aes-ctr,aes-ctr,arcfour,arcfour,aes-cbc,3des-cbc,blowfish-cbc,cast-cbc,aes-cbc,aes-cbc,arcfour,rijndael-cbc@lysator.liu.sedebug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-@openssh.com,hmac-sha2-,hmac-sha2-,hmac-ripemd,hmac-ripemd@openssh.com,hmac-sha1-,hmac-md5-debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-@openssh.com,hmac-sha2-,hmac-sha2-,hmac-ripemd,hmac-ripemd@openssh.com,hmac-sha1-,hmac-md5-debug2: kex_parse_kexinit: none,zlib@openssh.comdebug2: kex_parse_kexinit: none,zlib@openssh.comdebug2: kex_parse_kexinit:debug2: kex_parse_kexinit:debug2: kex_parse_kexinit: first_kex_follows 0debug2: kex_parse_kexinit: reserved 0debug2: mac_setup: found hmac-md5debug1: kex: server->client aes-ctr hmac-md5 nonedebug2: mac_setup: found hmac-md5debug1: kex: client->server aes-ctr hmac-md5 nonedebug1: SSH2_MSG_KEX_DH_GEX_REQUEST(<<) sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_GROUPdebug3: Wrote bytes for a total of debug2: dh_gen_key: priv key bits set: /debug2: bits set: /debug1: SSH2_MSG_KEX_DH_GEX_INIT sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_REPLYdebug3: Wrote bytes for a total of debug3: check_host_in_hostfile: host ..3. filename /root/.ssh/known_hostsdebug3: check_host_in_hostfile: host ..3. filename /root/.ssh/known_hostsdebug3: check_host_in_hostfile: match line 8debug1: Host '..3.' is known and matches the RSA host key.debug1: Found key in /root/.ssh/known_hosts:8debug2: bits set: /debug1: ssh_rsa_verify: signature correctdebug2: kex_derive_keysdebug2: set_newkeys: mode 1debug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug3: Wrote bytes for a total of debug2: set_newkeys: mode 0debug1: SSH2_MSG_NEWKEYS receiveddebug1: SSH2_MSG_SERVICE_REQUEST sentdebug3: Wrote bytes for a total of debug2: service_accept: ssh-userauthdebug1: SSH2_MSG_SERVICE_ACCEPT receiveddebug2: key: /root/.ssh/identity ((nil))debug2: key: /root/.ssh/id_rsa ((nil))debug2: key: /root/.ssh/id_dsa ((nil))debug2: key: /root/.ssh/id_ecdsa ((nil))debug3: Wrote bytes for a total of debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,passworddebug3: start over, passed a different list publickey,gssapi-keyex,gssapi-with-mic,passworddebug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,passworddebug3: authmethod_lookup gssapi-keyexdebug3: remaining preferred: gssapi-with-mic,publickey,keyboard-interactive,passworddebug3: authmethod_is_enabled gssapi-keyexdebug1: Next authentication method: gssapi-keyexdebug1: No valid Key exchange contextdebug2: we did not send a packet, disable methoddebug3: authmethod_lookup gssapi-with-micdebug3: remaining preferred: publickey,keyboard-interactive,passworddebug3: authmethod_is_enabled gssapi-with-micdebug1: Next authentication method: gssapi-with-micdebug3: Trying to reverse map address ..3..debug1: Unspecified GSS failure. Minor code may provide more informationCannot determine realm for numeric host addressdebug1: Unspecified GSS failure. Minor code may provide more informationCannot determine realm for numeric host addressdebug1: Unspecified GSS failure. Minor code may provide more informationdebug1: Unspecified GSS failure. Minor code may provide more informationCannot determine realm for numeric host addressdebug2: we did not send a packet, disable methoddebug3: authmethod_lookup publickeydebug3: remaining preferred: keyboard-interactive,passworddebug3: authmethod_is_enabled publickeydebug1: Next authentication method: publickeydebug1: Trying private key: /root/.ssh/identitydebug3: no such identity: /root/.ssh/identitydebug1: Trying private key: /root/.ssh/id_rsadebug3: no such identity: /root/.ssh/id_rsadebug1: Trying private key: /root/.ssh/id_dsadebug3: no such identity: /root/.ssh/id_dsadebug1: Trying private key: /root/.ssh/id_ecdsadebug3: no such identity: /root/.ssh/id_ecdsadebug2: we did not send a packet, disable methoddebug3: authmethod_lookup passworddebug3: remaining preferred: ,passworddebug3: authmethod_is_enabled passworddebug1: Next authentication method: passwordroot@..3.'s password:

Linux中的内置命令和外部命令详解 Linux的命令分为内部命令和外部命令：1.内部命令在系统启动时就调入内存，是常驻内存的，所以执行效率高。2.外部命令是系统的软件功能，用户需要

在Linux中使用命令行计算器GNU bc的方法每个现代的Linux桌面发行版都预装着一个带有图形界面的计算器程序。不过如果你的工作区中全是命令行窗口，那么你一定会在其中的一个命令行窗口中

个高效但不常见的Linux命令 1.mvxxxx{,.bak}等同于mvxxxxxxxx.bak2.esc+.能填充之前命令的最后一个字段3.diff(sshhost1catfile1)(sshhost2catfile2)diff两个远程文件4.ctrl+r然后输入xxx，搜索之前包含xxx