[root@ok 6FE5-D831]# ssh -v xxx.xxx.xxx.64
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to xxx.xxx.xxx.64 [60.205.149.41] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.
debug1: match: OpenSSH_5. pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(<<) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '60.205.149.41' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic #卡在这里大该半分钟
debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address debug1: Unspecified GSS failure. Minor code may provide more information debug1: Unspecified GSS failure. Minor code may provide more information
Cannot determine realm for numeric host address debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel : new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=ibus
debug1: Sending env LANG = en_US.UTF- Welcome to aliyun Elastic Compute Service!
原来是因为尝试了个没有意义而且会失败的 gssapi-with-mic 认证方式浪费了时间,打开(本地主机“注意是本地主机---我用的是linux系统”) /etc/ssh/ssh_config 把里面的 GSSAPIAuthentication yes 改成 no 关掉它,即可让 ssh 直接尝试美妙的 publickey 认证方式。修改后,重启/etc/init.d/sshd服务
[root@GitLab ~]# exitdebug1: client_input_channel_req: channel rtype exit-status reply
debug1: client_input_channel_req: channel rtype eow@openssh.com reply logout
debug1: channel : free: client-session, nchannels
Connection to 10.100.2.84 closed.
Transferred: sent , received bytes, in 17.2 seconds
Bytes per second: sent 152.2, received 136.8
debug1: Exit status
[root@ok ssh]# time ssh -v 60.205.149.41 exit
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 60.205.149.41 [60.205.149.41] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.
debug1: match: OpenSSH_5. pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(<<) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '60.205.149.41' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel : new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=ibus
debug1: Sending env LANG = en_US.UTF-
debug1: Sending command: exit
debug1: client_input_channel_req: channel rtype exit-status reply
debug1: client_input_channel_req: channel rtype eow@openssh.com reply
debug1: channel : free: client-session, nchannels
Transferred: sent , received bytes, in 0.0 seconds
Bytes per second: sent 165567.7, received 157506.3
debug1: Exit status real 0m0.170s
user 0m0.021s
sys 0m0.009s
[root@ok ssh]# ssh -v 60.205.149.41
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips Feb
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 60.205.149.41 [60.205.149.41] port .
debug1: Connection established.
debug1: permanently_set_uid: /
debug1: identity file /root/.ssh/identity type -
debug1: identity file /root/.ssh/identity-cert type -
debug1: identity file /root/.ssh/id_rsa type -
debug1: identity file /root/.ssh/id_rsa-cert type -
debug1: identity file /root/.ssh/id_dsa type -
debug1: identity file /root/.ssh/id_dsa-cert type -
debug1: identity file /root/.ssh/id_ecdsa type -
debug1: identity file /root/.ssh/id_ecdsa-cert type -
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.
debug1: match: OpenSSH_5. pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(<<) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '60.205.149.41' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel : new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env XMODIFIERS = @im=ibus
debug1: Sending env LANG = en_US.UTF- Welcome to aliyun Elastic Compute Service!