Open venusdrogon opened 6 years ago
貌似是服务端有ssh链接限制
参见 http://blog.sina.com.cn/s/blog_4c4a24db0101mr36.html
最近在给一个快递公司做一个FTP Server,用的是VSFTP 和JSCH 。当用JSCH客户端并发访问VSFTP的时候,报了这个问题。这个问题测试了好几次才测试出来!
可能会有很多原因导致此异常,但我这边最终解决办法是修改linux系统的ssh配置文件的:MaxStartups
存在问题:SSH终端连接数最大为10个
解决方案:
1) 修改/etc/ssh/sshd_config中#MaxStartups,将其改为MaxStartups 1000
2) 重启SSH服务,/etc/init.d/ssh restart
Debian系统默认连接时间120秒,如果远程终端连接数过多,则会出现超时连接,解决办法如下:
1) 修改/etc/ssh/sshd_config中LoginGraceTime 120,将其改为LoginGraceTime 0,其中0表示不限制连接时间
2) 重启SSH服务,/etc/init.d/ssh restart
注:重启TELNET服务,/etc/init.d/xinetd restart
重启FTP服务,/etc/init.d/vsftpd restart
另外,/etc/security/limits.conf 也可以修改最大连接数,但对SSH服务不生效。
存在问题: SSH终端连接数最大为10个 这句话实际描述不是十分恰当,
MaxStartups默认确实是10(linux),但是这个数字是链接队列中等待握手的数。
如果这个数字太小,当并发链接超过10的时候就会出现:connection is closed by foreign host 。
[vmuser@dev ~]$ sudo vim /etc/ssh/sshd_config
默认值:
#MaxStartups 10:30:100
含义:
Source: sshd_config "Alternatively, random early drop can be enabled by specifying the three colon separated values ''start:rate:full'' (e.g., "10:30:100"). sshd will refuse connection attempts with a probability of ''rate/100'' (30%) if there are currently ''start'' (10) unauthenticated connections. The probability increases linearly and all connection attempts are refused if the number of unauthenticated connections reaches ''full'' (100)."
参考:
如何查看当前的ssh 连接数呢?
ps -A x |grep sshd |grep -v grep
参考:
sshd_config MaxSessions parameter
MaxSessions Specifies the maximum number of open sessions permitted per network connection. The default is 10. This man entry for this particular limit is somewhat vague. The change log message adding this feature is a bit more helpful:
Added a MaxSessions option to sshd_config(5) to allow control of the number of multiplexed sessions supported over a single TCP connection. This allows increasing the number of allowed sessions above the previous default of 10, disabling connection multiplexing (MaxSessions=1) or disallowing login/shell/subsystem sessions entirely (MaxSessions=0). Effectively, the MaxSessions parameter is meant to limit the number of multiplexed ssh sessions you can have over a single ssh session. See the ControlMaster section of ssh_config(5).
Session multiplexing allows you to setup a single Master connection which all other connections to the same host can then reuse (but they don't have to). This has no effect on port forwarding, or SOCKS proxying. It also has no effect on my ability to connect again to the same host via a new network connection. It is really specific to connection multiplexing, and nothing more.
参考:
stfp com.jcraft.jsch.JSchException: connection is closed by foreign host
今天某商城 使用出现了以下的异常