服务器系统:Ubuntu 22.04
相关服务: open-ssh
问题
最近服务器进行ssh连接往往需要多次尝试连接才能够成功,失败的连接报错如下:
C:\Users\xx> ssh ab@[IP]
kex_exchange_identification: Connection closed by remote host
Connection closed by [IP] port 22
或者输入密码后需要等待很久才能重新连接
原因
-
/etc/ssh/sshd_config 为ssh服务的参数,其中有一条为:
MaxStartups 10:30:100其含义如下:
10:未验证连接数达到10开始进行连接drop (以一定概率拒绝新的连接)
30:基础drop概率值,线性增大
100: 未验证连接数达到100则拒绝所有新连接文章来源:https://www.toymoban.com/news/detail-811676.html -
使用命令 systemctl status ssh 发现有大量标记为[priv]的连接,每秒有多次连接失败尝试文章来源地址https://www.toymoban.com/news/detail-811676.html
├─2109811 "sshd: unknown [priv]"
├─2109812 "sshd: unknown [priv]"
├─2109813 "sshd: unknown [net]" ""
├─2109814 "sshd: unknown [priv]"
├─2109815 "sshd: unknown [net]" ""
├─2109816 "sshd: unknown [net]" ""
├─2109817 "sshd: unknown [priv]"
├─2109818 "sshd: unknown [net]" ""
├─2109819 "sshd: unknown [priv]"
├─2109820 "sshd: unknown [net]" ""
├─2109821 "sshd: root [priv]" "" "" ""
├─2109822 "sshd: root [net]" "" "" "" ""
├─2109823 "sshd: unknown [priv]"
├─2109824 "sshd: unknown [net]" ""
├─2109827 "sshd: unknown [priv]"
├─2109829 "sshd: unknown [net]" ""
├─2109830 "sshd: unknown [priv]"
├─2109831 "sshd: unknown [priv]"
├─2109832 "sshd: unknown [net]" ""
├─2109833 "sshd: unknown [net]" ""
├─2109834 "sshd: unknown [priv]"
├─2109835 "sshd: unknown [net]" ""
├─2109837 "sshd: unknown [priv]"
├─2109838 "sshd: unknown [net]" ""
├─2109839 "sshd: unknown [priv]"
├─2109842 "sshd: unknown [net]" ""
├─2109843 "sshd: unknown [priv]"
├─2109844 "sshd: root [priv]" "" "" ""
1月 10 04:23:22 w4 sshd[1938612]: Connection closed by invalid user ljb
1月 10 04:23:22 w4 sshd[1938803]: pam_unix(sshd:auth): check pass; user unknown
1月 10 04:23:22 w4 sshd[1938803]: pam_unix(sshd:auth): authentication failure; logname= uid=0
1月 10 04:23:22 w4 sshd[1938658]: Failed password for root from
1月 10 04:23:22 w4 sshd[1938657]: Failed password for invalid user umscloud from
1月 10 04:23:22 w4 sshd[1938805]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser04:23:22 w4 ssh
1月 10 04:23:22 w4 sshd[1938693]: Failed password for invalid user
1月 10 04:23:22 w4 sshd[1938661]: Failed password for invalid user dzq818
1月 10 04:23:22 w4 sshd[1938807]: Invalid user d_user from
解决方案
- 令所有用户配置秘钥登录,ssh配置设置为禁止使用账户密码登录
- 使用fail2ban工具,ban掉短时间内多次登录失败的ip地址
fail2ban详细安装教程
到了这里,关于服务器SSH连接问题:每次连接都需要多次尝试或需长时间等待的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
