SUSE ssh登录慢解决办法,ssh登录失败,但是strace一下就好了的分析查询 第一次ssh，路由的问题

Ok的示例：

strace -o t ssh -l webdev 172.27.30.141

SUSE刚装完，开始用ssh的时候，总会遇到这样的问题：输入了用户名以后，等半天才出输入密码的框，很是急人。这是dns反查造成的。
解决方法：编辑 /etc/ssh/sshd_conf , 将 #UseDNS yes 取消注释，设为no ，重启sshd
( /etc/rc.d/sshd restart)

UseDNS no //这儿不能写为：No，大写，会出错的

然后：
/etc/rc.d/sshd restart

用户第一次链接新的sshd时，可能出现下面这种错误：

> ssh wcw@192.168.1.100
Host key not found from database.
Key fingerprint:
xofiz-zilip-tokar-rupyb-tufer-tahyc-sibah-kyvuf-palik-hazyt-duxux
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
warning: tcsetattr failed in ssh_rl_set_tty_modes_for_fd: fd 1: Interrupted system call

解决办法是用：
strace -o t ssh wcw@192.168.1.100

也就是前面加上“strace -o t”，-o的意思如下：
-o file -- send trace output to FILE instead of stderr

这样就可以成功登录，然后退出后用正常的登录办法即可。前面生成的文件t也可以删掉了。
为什么加上strace就可以，具体是什么道理也没搞明白。该方法是google来的，具体链接已经找不到了。。。

strace -o t ssh -l admin 172.17.150.17*

Host key not found from database.
Key fingerprint:
xuror-ledab-buhim-zohok-tanop-cyrig-tysac-gyhyp-refan-semim-pyxex
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)?

好像用这个也成：

ssh -lroot -p36000 10.160.**.** -q

原因：
strace就是用来跟踪系统跳用和信号的。
这应该是ssh的bug。如果用strace调试的话，这个工具可以影响到信号处理，估计这样一搞就能让你有机会完成getkey之类的动作。
然后，下次再运行的时候本地也就会有正确的配置了。

深层分析：
首先要开ssh服务，查看一下。。

root@unbuntu:/etc# ps -ef |grep ssh
root 3996 1 0 13:51 ? 00:00:00 /usr/sbin/sshd
root 4463 3996 0 15:04 ? 00:00:00 sshd: nova [priv]
sshd 4464 4463 0 15:04 ? 00:00:00 sshd: nova [net]
root 4466 4310 0 15:04 pts/1 00:00:00 grep ssh
root@unbuntu:/etc# strace -p 4464

Process 4464 attached – interrupt to quit
select(4, [3], NULL, NULL, NULL) = 1 (in [3])
read(3, “\210\270\232z-\231lh,\341_\377\351\22X.tNVHFw\25=\310\235″…, 8192) = 144
write(4, “\0\0\0\17\v”, 5) = 5
write(4, “\0\0\0\nnovaserver “, 14) = 14
read(4, “\0\0\0\5″, 4) = 4
read(4, “\f\0\0\0\1″, 5) = 5
write(4, “\0\0\0\0011″, 5) = 5
read(4, “\0\0\0\t”, 4) = 4
read(4, “2\0\0\0\1\0\0\0\0″, 9) = 9
write(3, “\243\273r<\267\245F\374\201H(|~>f\36\337\306\367\341\374″…, 32) = 32
write(4, “\0\0\5/\31″, 5) = 5
write(4, “\0\0\0 \206\347\3\357\16\223\315\23_\267;\32\231\325\263″…, 1326) = 1326
exit_group(0) = ?
Process 4464 detached
上面解析到的就是我的ssh服务的密码，对应的用户是nova… [好害怕...]

上面这些需要开一个ssh的client来验证…

nova@unbuntu:~$ ssh 192.168.150.244 [回车]
nova@192.168.150.244’s password: [确认对端已经监听，解析 strace -p pid ]
Linux unbuntu 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

To access official Ubuntu documentation, please visit: http://help.ubuntu.com/ Last login: Mon Nov 24 15:02:44 2008 from 192.168.150.244
nova@unbuntu:~$

剩下的，你就可以看你的密码了，其实还有别的工具，truss…

CentOs5.5实际简单示例：

view plainprint?

ssh -lroot -p36000 10.160.**.** -q

yum install strace

Installed:

strace.i386 0:4.5.18-5.el5_5.5

Complete!

[root@jackxiang ~]# ps aux|grep ssh

root 1866 0.0 0.2 7208 756 ? Ss Jun18 0:00 /usr/sbin/sshd

root 5305 0.4 0.9 10036 2872 ? Ss 10:08 0:00 sshd: root@pts/ 0

root 5338 0.0 0.2 3996 692 pts/0 D+ 10:09 0:00 grep ssh

strace -p 5305

select(9, [3 5 8], [3], NULL, NULL) = 2 (in [8], out [3])

rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0

rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0

read(8, "\"\\\"\\\\\\\"\\\\\\\\\\\\\\\"\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"\\"..., 16384) = 370

write(3, "\251\\+K\256b\325v\270\27\202\vXQ\246\331\211\234\340a}\271\371\203\344\226>\5|\370}\341"..., 420) = 420

select(9, [3 5 8], [3], NULL, NULL) = 2 (in [8], out [3])

rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0