Linux server responds to ping, but ssh connections get no response

1. Problem description

A data node server frequently becomes unreachable: the server can be pinged, but ssh cannot connect. After logging in through the out-of-band address, the remote console does not display the normal interface. The server recovers briefly after a restart.

2. Troubleshooting

After restarting the server, I checked that the SSH status of the server was normal. I had no choice but to open a case on the Red Hat official website, collect logs and other information with sosreport as feedback, and wait for the analysis result.

The error message you get when you cannot log in is as follows:
[Image: screenshot of the error message]

Please execute the following commands on the system and send back the output:
# ssh -vvv IP_address
Collect the strace results:
# strace -fvttTyyx -s 4096 -o /tmp/strace.txt ssh IP_address
Collect the output of the following command to check whether any RPM package files are missing:
# rpm -Va &> rpmva.out

3. Solution

Uncomment the UseDNS entry in the /etc/ssh/sshd_config file, change its value from yes to no, and restart the sshd service:
# cat /etc/ssh/sshd_config | grep DNS
# vi /etc/ssh/sshd_config
UseDNS no
# systemctl restart sshd.service

After the restart the problem is solved: ssh connects and works normally.

4. Reason analysis

  • UseDNS specifies whether sshd should look up the remote host name and check that the resolved host name for the remote IP address maps back to the same IP address. The default value is "yes". If this option is set to no, then the from option in ~/.ssh/authorized_keys and the Match Host directives in sshd_config can only use addresses, not host names.
  • DNS reverse lookup. When an ssh connection is made, the system tries a reverse DNS lookup of the IP address to find the corresponding domain name. If DNS has no name for this IP, it waits until the DNS query times out before proceeding to the next step, which takes a long time.
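
A check for both points above, as an added example that is not part of the original article: usedns_setting reports the UseDNS value that is actually active in a config file (a commented-out line such as #UseDNS yes does not count), and reverse_lookup_seconds times the reverse lookup of a client address. The function names are made up for this example, and Include files are not followed.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are made up.

# Print the UseDNS value that is active in an sshd_config-style file, or
# "unset" when only the built-in default applies. Commented-out lines are
# ignored, keywords are case-insensitive, "Key value" and "Key=value" are
# both accepted, and the first occurrence wins. Include files are not followed.
usedns_setting() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }     # comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            n = match(line, /[ \t=]/)         # end of the keyword
            if (n == 0) next
            key = tolower(substr(line, 1, n - 1))
            val = substr(line, n)
            sub(/^[ \t]*=?[ \t]*/, "", val)   # drop the separator
            sub(/[ \t]+$/, "", val)
            gsub(/"/, "", val)                # drop optional quotes
            if (key == "usedns") { print tolower(val); found = 1; exit }
        }
        END { if (!found) print "unset" }
    ' "$1"
}

# Print how many whole seconds the system resolver needs for a reverse
# lookup of the address in $1. A value close to the resolver timeout means
# a login from that address stalls for the same time while UseDNS is yes.
reverse_lookup_seconds() {
    start=$(date +%s)
    getent hosts "$1" >/dev/null 2>&1 || true
    end=$(date +%s)
    echo $((end - start))
}

# Usage as a script: sh check_usedns.sh CLIENT_IP [CONFIG_FILE]
if [ -n "${1:-}" ]; then
    cfg=${2:-/etc/ssh/sshd_config}
    echo "UseDNS in $cfg: $(usedns_setting "$cfg")"
    echo "Reverse lookup of $1 took $(reverse_lookup_seconds "$1")s"
fi
```

If usedns_setting prints "unset", the value comes from the default of the installed OpenSSH build, so set UseDNS explicitly rather than relying on it.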

Please indicate the source of reprinting:
1. The copyright of the original article marked in the blog belongs to the original author heardic;
2. The content of this article may not be reprinted without the permission of the original author, otherwise it will be regarded as an infringement;
3. Any reprint or quotation of this article should indicate the source and the original author;
4. I reserve the right to pursue investigations for those who do not comply with this statement or use the content of this article illegally.

Origin blog.51cto.com/13906754/2595673