ssh: connection reset by peer

98 views
Skip to first unread message

flyer

unread,
Jan 27, 2013, 9:25:41 PM1/27/13
to sh...@googlegroups.com
这个问题很奇怪,一周只会出现一次,而且出现半个小时或一个两个小时后,问题会自动解决,能够正常连接到目标机器上,不会出现 "connection reset by peer" 的问题。

在出现 ssh 连接问题时,通过 "ssh  -vvv" 查看连接过程时,会输出如 这个链接 中的信息。不知大家遇到过这种情况没?

我查了下,目前发现有三种情况和解决方法:

2)ssh 文件名问题,把 authorized_keys 复制到 authorized_keys2 文件中,参见:http://www.debian-administration.org/articles/152  (查找 "connection reset")
3)the connection packets are too big for the server to handle and the connection is reset。参见:http://serverfault.com/questions/265244/ssh-client-problem-connection-reset-by-   peer 解决方法是限制包的大小,有两种方法:

请问大家这类问题该如何处理?

--
宠辱不惊,闲看庭前花开花落;去留无意,漫随天边云卷云舒。

Yiling Cao

unread,
Jan 28, 2013, 2:01:39 PM1/28/13
to sh...@googlegroups.com
没什么好改的,我以前试过,其实就是路由器把你connection drop了,你可以通过keepalive 等设置来改善,但我以前测下来没啥效果的。。

如果你是用来做ssh tunnel的话,可以用while script + autossh,就永远会重联了。


2013/1/28 flyer <flye...@gmail.com>
--
-- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
---
您收到此邮件是因为您订阅了 Google 网上论坛的“Shanghai Linux User Group”论坛。
要取消订阅此网上论坛,请发送电子邮件至 shlug+un...@googlegroups.com
要查看更多选项,请访问 https://groups.google.com/groups/opt_out。
 
 

flyer

unread,
Jan 28, 2013, 10:25:57 PM1/28/13
to sh...@googlegroups.com
是如何分析出路由器导致 connection drop 的?而且,奇怪的是,每周都会在固定的时间出现一次。

起初任务是目标机器当时内存占用率太高造成 connection reset 的,但通过监控查看了下当时目标机器的内存占用率,比正常时不多出 1%,排除这个因素了。

由于每周同一台机器会在同一个时间段出现这个问题,想问下排查的思路。谢谢。

2013/1/29 Yiling Cao <yilin...@gmail.com>
要退订此论坛并停止接收此论坛的电子邮件,请发送电子邮件到 shlug+un...@googlegroups.com
要查看更多选项,请访问 https://groups.google.com/groups/opt_out。
 
 


Yiling Cao

unread,
Jan 28, 2013, 10:54:24 PM1/28/13
to sh...@googlegroups.com
路由又不是只有你家的路由。。。你能描述下你的环境,是否动态ip?

2013/1/29 flyer <flye...@gmail.com>

flyer

unread,
Jan 28, 2013, 11:53:11 PM1/28/13
to sh...@googlegroups.com
这是公司机器出现的情况,机器的 IP 是静态绑定的。另外,openssh 的版本比较低,是 3.x 的,不知与这有没有影响?


2013/1/29 Yiling Cao <yilin...@gmail.com>

Yiling Cao

unread,
Jan 29, 2013, 1:41:59 AM1/29/13
to sh...@googlegroups.com
你能多描述下吗?你的客户机呢?当中什么环境? 你是局域网连接吗?服务器是unix还是linux等等。。。

2013/1/29 flyer <flye...@gmail.com>

flyer

unread,
Jan 29, 2013, 2:00:14 AM1/29/13
to sh...@googlegroups.com
是先连接到一台 linux 服务器上 (假设是 A),然后再 ssh 到目标机器中 (假设是 B)。

是局域网连接,服务器和目标机器都是 linux。

我查了查目标机器的 sshd 日志,很奇怪的是没有从 A 到 B 连接失败的记录,但却有从 A 到 B 连接成功的记录……

2013/1/29 Yiling Cao <yilin...@gmail.com>

leeway1985

unread,
Jan 29, 2013, 2:23:54 AM1/29/13
to sh...@googlegroups.com
���ϴ�������������� �����˰��� �����ǿӵ��it���Ÿ����ǵķ��������õ�ip��ַ���˼ҵĵ�ַ��ͻ�ˡ� ���ԲŻ���� һ���� һ��reset by peer��

��Ӧ�ù�Ϊǰ����ֵ������� ���绷������ ������ɡ� ȷ������û�п�����ip��ͻ�ˡ�



On 01/29/2013 03:00 PM, flyer wrote:
�������ӵ�һ̨ linux �������� (������ A)��Ȼ���� ssh ��Ŀ������� (������ B)��

�Ǿ��������ӣ���������Ŀ��������� linux��

�Ҳ��˲�Ŀ������� sshd ��־������ֵ���û�д� A �� B ����ʧ�ܵļ�¼����ȴ�д� A �� B ���ӳɹ��ļ�¼����

2013/1/29 Yiling Cao <yilin...@gmail.com>
���ܶ������������ �ͻ����أ�����ʲô������ ���Ǿ����������𣿷�������unix����linux�ȵȡ�����


2013/1/29 flyer <flye...@gmail.com>
���ǹ�˾�������ֵ������������ IP �Ǿ�̬�󶨵ġ����⣬openssh �İ汾�Ƚϵͣ��� 3.x �ģ���֪������û��Ӱ�죿


2013/1/29 Yiling Cao <yilin...@gmail.com>
·���ֲ���ֻ����ҵ�· �ɡ�����������������Ļ������Ƿ�̬ip��


2013/1/29 flyer <flye...@gmail.com>
����η�����·�������� connection drop �ģ����ң���ֵ��ǣ�ÿ�ܶ����ڹ̶���ʱ�����һ�Ρ�

���������Ŀ�������ʱ�ڴ�ռ����̫����� connection reset �ģ���ͨ���ز鿴���µ�ʱĿ��������ڴ�ռ���ʣ�����ʱ����� 1%���ų���������ˡ�

����ÿ��ͬһ̨��������ͬһ��ʱ��γ���������⣬�������Ų� ��˼·��лл��

2013/1/29 Yiling Cao <yilin...@gmail.com>
ûʲô�øĵģ�����ǰ�Թ���ʵ����·�� ������connection drop�ˣ������ͨ��keepalive �����������ƣ�������ǰ������ûɶЧ��ġ���

�������������ssh tunnel�Ļ���������while script + autossh������Զ�������ˡ�


2013/1/28 flyer <flye...@gmail.com>
�� ���������֣�һ��ֻ�����һ �Σ��� �ҳ��ְ��Сʱ��һ������Сʱ ��������Զ�������� �������ӵ�Ŀ������ϣ����� ���� "connection reset by peer" �����⡣

�� ���� ssh ��������ʱ��ͨ�� "ssh  -vvv" �鿴���ӹ��ʱ��������� ������� �е���Ϣ����֪����������������û��

�Ҳ����£�Ŀǰ������������� �ͽ��������

1�����绷�����ң� �μ�http://blog.csdn.net/lannyjay/article/details/3219600
2��ssh �ļ������⣬�� authorized_keys ���Ƶ� authorized_keys2 �ļ��У��μ�http://www.debian-administration.org/articles/152  (�� �� "connection reset")
3��the connection packets are too big for the server to handle and the connection is reset���μ�http://serverfault.com/questions/265244/ssh-client-problem-connection-reset-by-   peer ������������ư�Ĵ�С�������ַ�����
  • limit cipher list length���� `ssh  -caes128-ctr  name@hostname`

    ���ʴ�������������� ���?

    --
    ���費�����п�ͥǰ�������䣻 ȥ�����⣬��������ƾ����档

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫȡ���Ĵ�������̳���뷢�� �����ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com/groups/opt_out��
     
     

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫ�˶�����̳��ֹͣ���մ���̳�ĵ����ʼ����뷢�͵� ���ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com /groups/opt_out��
     
     



    --
    ���費�����п�ͥǰ�������䣻ȥ�����⣬��������ƾ����档

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫ�˶�����̳��ֹͣ���մ���̳�ĵ����ʼ����뷢�͵����ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com /groups/opt_out��
     
     

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫ�˶�����̳��ֹͣ���մ���̳�ĵ����ʼ����뷢�͵����ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com /groups/opt_out��
     
     



    --
    ���費�����п�ͥǰ�������䣻ȥ�����⣬��������ƾ����档

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫ�˶�����̳��ֹͣ���մ���̳�ĵ����ʼ����뷢�͵����ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com /groups/opt_out��
     
     

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫ�˶�����̳��ֹͣ���մ���̳�ĵ����ʼ����뷢�͵����ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com/groups /opt_out��
     
     



    --
    ���費�����п�ͥǰ�������䣻ȥ�����⣬��������ƾ����档

    --
    -- You received this message because you are subscribed to the Google Groups Shanghai Linux User Group group. To post to this group, send email to sh...@googlegroups.com. To unsubscribe from this group, send email to shlug+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/shlug?hl=zh-CN
    ---
    ���յ����ʼ�����Ϊ������ Google ������̳�ġ�Shanghai Linux User Group����̳��
    Ҫ�˶�����̳��ֹͣ���մ���̳�ĵ����ʼ����뷢�͵����ʼ��� shlug+un...@googlegroups.com��
    Ҫ�鿴���ѡ������ https://groups.google.com /groups/opt_out��
     
     

    Reply all
    Reply to author
    Forward
    0 new messages