ssh 服务突然连接不了案例总结

ssh 服务突然连接不了案例总结

作者: java菜 | 来源:发表于2018-10-22 21:22 被阅读0次

    一台Oracle数据库服务器(Linux版本为Oracle Linux Server release 5.7)今天中午突然出现短暂的ssh连接不上的情况,ssh连接不上的时候,ping服务器正常,使用psping检测端口22也是正常(只返回5个包,没有持续ping),使用SQL Developer可以登录数据库进行任何操作,另外,通过DPA工具发现该服务器的CPU等资源消耗很低(发现数据库服务都正常后,就出去吃饭了),回来时,同事反馈ssh已经正常,错过诊断的大好时机,期间另外一个同事也做了一些检查:




    使用ps -ef | grep sshd 找到sshd的进程,执行下面命令 

    [root@mylnx01~]# ps -eo pid,lstart,etime | grep 3423

    3423Sun Feb 1813:56:112018234-09:01:48

    检查日志信息,发现里面有几条 Did not receive identification string from xxx的信息(部分信息做了脱敏处理)。 

    [root@mylnx01log]# tail -100/var/log/secure

    Oct  814:50:48mylnx01 sshd[4341]: pam_unix(sshd:session): session opened foruser oracle by (uid=0)

    Oct  814:50:49mylnx01 sshd[4341]: pam_unix(sshd:session): session closed foruser oracle

    Oct 1012:26:41mylnx01 sshd[742]: Did not receive identification string from 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[743]: Did not receive identification string from 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[790]: Did not receive identification string from 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[789]: Did not receive identification string from 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[745]: Did not receive identification string from 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[744]: Did not receive identification string from 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[1007]: Connection closed by 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[1006]: Connection closed by 192.168.xxx.xxx

    Oct 1012:26:41mylnx01 sshd[746]: Did not receive identification string from 192.168.xxx.xxx


    This one below means ssh server waited and did not receive what it needed in a timely fashion. This is typically due to connectivity issues. In an ssh connection, the server first provides its identification string, then waits for the client to then provide its identification string. If there is a loss in connection, or the client just bails, this is what you will see in the logs.

    If someone uses telnet or netcat to fetch your ssh banner, or other various scans, the logs on the server side will show this as well.

    这个错误信息意味着ssh服务由于没有及时收到它所需要的东西,而出现等待现象。 通常是由于连接问题造成。 在ssh连接中,服务器首先提供其标识字符串,然后等待客户端提供其标识字符串。 如果连接丢失,或者客户端刚刚退出,就会出现日志中所看到的内容。



    欢迎工作一到五年的Java工程师朋友们加入Java架构开发: 854393687




        本文标题:ssh 服务突然连接不了案例总结
