解决centos的SSH远程连接服务慢

1、连接慢的主要原因是DNS解析导致解决方法：1、在ssh服务端上更改/etc/ssh/sshd_config文件中的配置为如下内容：UseDNS no# GSSAPI optionsGSSAPIAuthentication no然后，执行/etc/init.d/sshd restart重启sshd进程使上述配置生效，在连接一般就不慢了。如果还慢的话，检查ssh服务端上/etc/hosts文件中，127.0.0.1对应的主机名是否和uname -n的结果一样，或者把本机ip和hostname(uname -n结果)加入到/etc/hosts里。

2、root@C64~]#uname-nC64[root@C64~]#cat/etc/hosts#modibyoldboy11:122013/9/24127.0.0.1C64localhostlocalhost.localdomainlocalhost4localhost4.localdomain4::1localhostlocalhost.localdomainlocalhost6localhost6.localdomain610.0.0.18C64################利用ssh-v的调试功能查找慢的原因其实可以用下面的命令调试为什么慢的细节（学习这个思路很重要）。

3、[root@C64~]#ssh-vroot@IP地址OpenSSH_5.3p1,OpenSSL1.0.0-fips29Mar2010debug1:Readingconf足毂忍珩igurationdata/etc/ssh/ssh_configdebug1:Applyingoptionsfor*debug1:Connectingto10.0.0.19[10.0.0.19]port22.debug1:Connectionestablished.debug1:permanently_set_uid:0/0debug1:identityfile/root/.ssh/identitytype-1debug1:identityfile/root/.ssh/id_rsatype-1debug1:identityfile/root/.ssh/id_dsatype-1debug1:Remoteprotocolversion2.0,remotesoftwareversionOpenSSH_4.3debug1:match:OpenSSH_4.3patOpenSSH_4*debug1:Enablingcompatibilitymodeforprotocol2.0debug1:LocalversionstringSSH-2.0-OpenSSH_5.3debug1:SSH2_MSG_KEXINITsentdebug1:SSH2_MSG_KEXINITreceiveddebug1:kex:server->clientaes128-ctrhmac-md5nonedebug1:kex:client->serveraes128-ctrhmac-md5nonedebug1:SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192)sentdebug1:expectingSSH2_MSG_KEX_DH_GEX_GROUPdebug1:SSH2_MSG_KEX_DH_GEX_INITsentdebug1:expectingSSH2_MSG_KEX_DH_GEX_REPLYTheauthenticityofhost'10.0.0.19(10.0.0.19)'can'tbeestablished.RSAkeyfingerprintisca:18:42:76:0e:5a:1c:7d:ef:fc:24:75:80:11:ad:f9.Areyousureyouwanttocontinueconnecting(yes/no)?yes=======>这里就是提示保存密钥的交互提示。Warning:Permanentlyadded'10.0.0.19'(RSA)tothelistofknownhosts.debug1:ssh_rsa_verify:signaturecorrectdebug1:SSH2_MSG_NEWKEYSsentdebug1:expectingSSH2_MSG_NEWKEYSdebug1:SSH2_MSG_NEWKEYSreceiveddebug1:SSH2_MSG_SERVICE_REQUESTsentdebug1:SSH2_MSG_SERVICE_ACCEPTreceiveddebug1:Authenticationsthatcancontinue:publickey,passworddebug1:Nextauthenticationmethod:publickeydebug1:Tryingprivatekey:/root/.ssh/identitydebug1:Tryingprivatekey:/root/.ssh/id_rsadebug1:Tryingprivatekey:/root/.ssh/id_dsadebug1:Nextauthenticationmethod:passwordroot@10.0.0.19'spassword:<strong>=======>这里就是提示输入密码的交互提示。</strong>debug1:Authenticationsucceeded(password).debug1:channel0:new[client-session]debug1:Enteringinteractivesession.debug1:Sendingenvironment.debug1:SendingenvLANG=en_US.UTF-8Lastlogin:TueSep2410:30:022013from10.0.0.18<strong>在远程连接时如果慢就可以确定卡在哪了。</strong>[root@C64_A~]#ssh-voldboy@IP地址OpenSSH_5.3p1,OpenSSL1.0.0-fips29Mar2010debug1:Readingconfigurationdata/etc/ssh/ssh_configdebug1:Applyingoptionsfor*debug1:Connectingto10.0.0.17[10.0.0.17]port22.debug1:Connectionestablished.debug1:permanently_set_uid:0/0debug1:identityfile/root/.ssh/identitytype-1debug1:identityfile/root/.ssh/id_rsatype-1debug1:identityfile/root/.ssh/id_dsatype2debug1:Remoteprotocolversion2.0,remotesoftwareversionOpenSSH_5.3debug1:match:OpenSSH_5.3patOpenSSH*debug1:Enablingcompatibilitymodeforprotocol2.0debug1:LocalversionstringSSH-2.0-OpenSSH_5.3debug1:SSH2_MSG_KEXINITsentdebug1:SSH2_MSG_KEXINITreceiveddebug1:kex:server->clientaes128-ctrhmac-md5nonedebug1:kex:client->serveraes128-ctrhmac-md5nonedebug1:SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192)sentdebug1:expectingSSH2_MSG_KEX_DH_GEX_GROUPdebug1:SSH2_MSG_KEX_DH_GEX_INITsentdebug1:expectingSSH2_MSG_KEX_DH_GEX_REPLYdebug1:Host'10.0.0.17'isknownandmatchestheRSAhostkey.debug1:Foundkeyin/root/.ssh/known_hosts:2debug1:ssh_rsa_verify:signaturecorrectdebug1:SSH2_MSG_NEWKEYSsentdebug1:expectingSSH2_MSG_NEWKEYSdebug1:SSH2_MSG_NEWKEYSreceiveddebug1:SSH2_MSG_SERVICE_REQUESTsentdebug1:SSH2_MSG_SERVICE_ACCEPTreceiveddebug1:Authenticationsthatcancontinue:publickey,gssapi-keyex,gssapi-with-mic,passworddebug1:Nextauthenticationmethod:gssapi-keyexdebug1:NovalidKeyexchangecontextdebug1:Nextauthenticationmethod:gssapi-with-mic上述配置没配就发现卡到gssapi这。就大概知道是gssapi的问题。实际上在linux系统优化部分就应该优化SSH服务的此处。