ubuntu无法ssh到远程服务器
来源:互联网 发布:日本人学中文 知乎 编辑:程序博客网 时间:2024/06/05 07:20
1 问题
openstack环境下创建了一个虚拟机,为虚拟机分配了浮动IP: 192.168.50.61。但是从ubuntu14.04服务器192.168.50.5上无法ssh到虚拟机服务器,SSH xxx@ip 就没有反应,也没有报错,可以PING通对方,TELNET对方的22端口也是通的。
使用ssh -vv看卡在哪里,出现错误:
root@node5:~# ssh -vv ubuntu@192.168.50.61OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014debug1: Reading configuration data /etc/ssh/ssh_configdebug1: /etc/ssh/ssh_config line 19: Applying options for *debug2: ssh_connect: needpriv 0debug1: Connecting to 192.168.50.61 [192.168.50.61] port 22.debug1: Connection established.debug1: permanently_set_uid: 0/0debug1: identity file /root/.ssh/id_rsa type -1debug1: identity file /root/.ssh/id_rsa-cert type -1debug1: identity file /root/.ssh/id_dsa type -1debug1: identity file /root/.ssh/id_dsa-cert type -1debug1: identity file /root/.ssh/id_ecdsa type -1debug1: identity file /root/.ssh/id_ecdsa-cert type -1debug1: identity file /root/.ssh/id_ed25519 type -1debug1: identity file /root/.ssh/id_ed25519-cert type -1debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8 pat OpenSSH_6.6.1* compat 0x04000000debug2: fd 3 setting O_NONBLOCKdebug1: SSH2_MSG_KEXINIT sent...debug1: sending SSH2_MSG_KEX_ECDH_INITdebug1: expecting SSH2_MSG_KEX_ECDH_REPLY
2 方法
查看原因是在192.168.50.5服务器上mtu设置太大:http://www.snailbook.com/faq/mtu-mismatch.auto.html
Change the network interface MTU to solve it. This is a bug for ubuntu 14.04.This worked for me:sudo ip li set mtu 1200 dev wlan0Or:sudo ifconfig wlan0 mtu 1200参考:https://superuser.com/questions/568891/ssh-works-in-putty-but-not-terminal
查看本机:
root@node5:~# ip l1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:002: p5p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether ac:16:2d:0b:a8:9b brd ff:ff:ff:ff:ff:ff
修改网卡mtu后问题解决。
root@node5:~# ip li set mtu 1200 dev p5p1root@node5:~# ssh ubuntu@192.168.50.61ubuntu@192.168.50.61's password: root@node5:~# ip l1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:002: p5p1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1200 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether ac:16:2d:0b:a8:9b brd ff:ff:ff:ff:ff:ff
3 其它方法
3.1 echo "1200" > /sys/class/net/eth0/mtu
现象:主机间互通正常且可以判断对方ssh端口是开放的,但是用ssh xxx.xxx.xxx.xxx -v这种方式连接的时候会卡在debug1: SSH2_MSG_KEXINIT sent这步
解决方法:echo "1200" > /sys/class/net/eth0/mtu
原因:详情参考http://techbackground.blogspot.com/2013/06/path-mtu-discovery-and-gre.html 简单解释就是IPV4报头与GRE报头结构不同,导致GRE数据包最大内容载荷只有1454,默认mtu如果是1500的话,就会有46字节的内容无法处理导致错误
3.2 修改/etc/ssh/ssh_config
The solution was found here: SSH works in putty but not terminal
in Ubuntu 13.10/12.10, login and gain sudo access.
Edit /etc/ssh/ssh_config
, uncomment the following lines
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbcGSSAPIAuthentication yesGSSAPIDelegateCredentials noMACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
Add the following line
HostKeyAlgorithms ssh-rsa,ssh-dss
You should end up with your /etc/ssh/ssh_config
file looking like this
Host *Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbcMACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160SendEnv LANG LC_*HashKnownHosts yesGSSAPIAuthentication yesGSSAPIDelegateCredentials noHostKeyAlgorithms ssh-rsa,ssh-dss
Now run ssh -T -v git@github.com
and it will ask you to add the server to your known hosts file. Hit yes, and then it should welcome you to the server.
3.3 修改内核
局域网里到WINDOWS使用PUTTY是可以链接到远程主机到
真是奇怪呀
uncoffee@suncoffee:~$ ssh -v IP
OpenSSH_5.5p1 Debian-4ubuntu4, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to IP [IP] port 22.
debug1: Connection established.
debug1: identity file /home/suncoffee/.ssh/id_rsa type -1
debug1: identity file /home/suncoffee/.ssh/id_rsa-cert type -1
debug1: identity file /home/suncoffee/.ssh/id_dsa type -1
debug1: identity file /home/suncoffee/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.5p1 Debian-4ubuntu4
debug1: SSH2_MSG_KEXINIT sent
到这里就停了,没有反应了
net.ipv4.tcp_rmem = 4096 87380 207520
4 如何修改内核
查看当前系统参数sysctl -a
手动修改(当前有效,重启后无效)joy@joy:~$ cat /proc/sys/net/ipv4/icmp_echo_ignore_all0joy@joy:~$ echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
命令修改(当前有效,重启后无效)sysctl -w net.ipv4.icmp_echo_ignore_all=1 (参数名与=文件路径去掉/proc/sys/,且"/ "改成".")
配置文件中修改(当前无效,重启永久生效)vim /etc/sysctl.conf添加net.ipv4.icmp_echo_ignore_all=1
让其修改后立刻生效 sysctl -p
参数迁移1、当初当前主机所有配置sysctl -a > mysys.conf
2、拷贝到其他主机并执行sysctl -p -f mysys.conf
3、如果使用2套参数文件后性能大不相同,可对比2个参数文件
- ubuntu无法ssh到远程服务器
- 无法SSH到Ubuntu
- ssh 远程 linux Ubuntu服务器
- Ubuntu 开发服务器配置(SSH server,登陆到远程服务器进行文件共享)
- Xsehll 无法远程登录阿里云Ubuntu服务器——ssh拒绝登陆
- Ubuntu无法ssh远程连接问题
- Ubuntu ssh远程无法连接问题
- Ubuntu 16.04 SSH 无法远程登录问题
- ubuntu使用ssh连接远程服务器
- Ubuntu下通过SSH远程登录服务器
- Ubuntu配置SSH远程登录服务器
- Ubuntu下使用ssh连接远程服务器
- Ubuntu 安装ssh远程登录服务器
- ssh 上传到远程服务器和从远程服务器下载
- jenkins ssh插件远程到ubuntu服务器上使用docker命令
- mac 终端ssh远程连接到服务器
- ssh免登录到远程服务器
- SSH无法连接到RHEL服务器
- 科技和法律:"换头术"背后我们应该思考什么?
- 这几个争做数据圈清流的公众号,你都知道吗?
- mybatis一对多,多对一关系resultMap写法
- 开关电源认识
- error LNK2001: 无法解析的外部符号 "public: virtual long __stdcall CBaseFilter
- ubuntu无法ssh到远程服务器
- ROI平均提升78%,AI机器人投放钻展成今年双11新亮点
- android studio升级到3.0之后的一个运行错误
- 函数的默认参数
- 自定义 hashCode()
- coverage 测试代码覆盖率
- 中国政法大学数据安全与应用规范研究基地正式成立
- Redis数据结构详解之List(二)
- 安装setuptools