stfp com.jcraft.jsch.JSchException: connection is closed by foreign host

[venusdrogon]

stfp com.jcraft.jsch.JSchException: connection is closed by foreign host

今天某商城 使用出现了以下的异常

1013 04:00:00 ERROR (SFTPFileTransfer.java:122) connect() - sftpFileTransferConfig:    {
        "port": 22,
        "sshConfig": {"StrictHostKeyChecking": "no"},
        "userName": "columbia",
        "hostName": "********",
        "password": "******",
        "sessionTimeout": 120000
    },by:connection is closed by foreign host
com.jcraft.jsch.JSchException: connection is closed by foreign host
    at com.jcraft.jsch.Session.connect(Session.java:269)
    at com.jcraft.jsch.Session.connect(Session.java:183)
    at com.feilong.tools.net.filetransfer.sftp.SFTPUtil.connectSession(SFTPUtil.java:76)
    at com.feilong.tools.net.filetransfer.sftp.SFTPFileTransfer.connect(SFTPFileTransfer.java:108)
    at com.feilong.tools.net.filetransfer.AbstractFileTransfer.download(AbstractFileTransfer.java:83)
    at com.store.manager.member.impl.MemberImportManagerImpl.readViplist(MemberImportManagerImpl.java:156)
    at com.store.manager.member.impl.MemberImportManagerImpl.importVIPstaff(MemberImportManagerImpl.java:123)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
    at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
    at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at com.sun.proxy.$Proxy533.importVIPstaff(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)

[venusdrogon]

貌似是服务端有ssh链接限制

参见 http://blog.sina.com.cn/s/blog_4c4a24db0101mr36.html

最近在给一个快递公司做一个FTP Server，用的是VSFTP 和JSCH 。当用JSCH客户端并发访问VSFTP的时候，报了这个问题。这个问题测试了好几次才测试出来！
     可能会有很多原因导致此异常，但我这边最终解决办法是修改linux系统的ssh配置文件的：MaxStartups
存在问题：SSH终端连接数最大为10个

解决方案：
1)        修改/etc/ssh/sshd_config中#MaxStartups，将其改为MaxStartups 1000
2)        重启SSH服务，/etc/init.d/ssh restart
Debian系统默认连接时间120秒，如果远程终端连接数过多，则会出现超时连接，解决办法如下：
1)        修改/etc/ssh/sshd_config中LoginGraceTime 120,将其改为LoginGraceTime 0，其中0表示不限制连接时间
2)        重启SSH服务，/etc/init.d/ssh restart

注：重启TELNET服务，/etc/init.d/xinetd restart
    重启FTP服务，/etc/init.d/vsftpd restart
另外，/etc/security/limits.conf  也可以修改最大连接数，但对SSH服务不生效。

存在问题： SSH终端连接数最大为10个   这句话实际描述不是十分恰当，
MaxStartups默认确实是10（linux），但是这个数字是链接队列中等待握手的数。
如果这个数字太小，当并发链接超过10的时候就会出现：connection is closed by foreign host 。

1. MaxStartups

[vmuser@dev ~]$ sudo vim /etc/ssh/sshd_config

默认值:

#MaxStartups 10:30:100

含义:

• 10: Number of unauthenticated connections before we start dropping
• 30: Percentage chance of dropping once we reach 10 (increases linearly for more than 10)
• 100:Maximum number of connections at which we start dropping everything

Source: sshd_config "Alternatively, random early drop can be enabled by specifying the three colon separated values ''start:rate:full'' (e.g., "10:30:100"). sshd will refuse connection attempts with a probability of ''rate/100'' (30%) if there are currently ''start'' (10) unauthenticated connections. The probability increases linearly and all connection attempts are refused if the number of unauthenticated connections reaches ''full'' (100)."

参考:

• http://stackoverflow.com/questions/4812134/in-sshd-configuration-what-is-maxstartups-103060-means

如何查看当前的ssh 连接数呢?

ps -A x |grep sshd |grep -v grep

参考:

• http://stackoverflow.com/questions/17199089/find-out-how-much-ssh-connections-currently-exist

2. MaxSessions

sshd_config MaxSessions parameter

MaxSessions Specifies the maximum number of open sessions permitted per network connection. The default is 10. This man entry for this particular limit is somewhat vague. The change log message adding this feature is a bit more helpful:

Added a MaxSessions option to sshd_config(5) to allow control of the number of multiplexed sessions supported over a single TCP connection. This allows increasing the number of allowed sessions above the previous default of 10, disabling connection multiplexing (MaxSessions=1) or disallowing login/shell/subsystem sessions entirely (MaxSessions=0). Effectively, the MaxSessions parameter is meant to limit the number of multiplexed ssh sessions you can have over a single ssh session. See the ControlMaster section of ssh_config(5).

Session multiplexing allows you to setup a single Master connection which all other connections to the same host can then reuse (but they don't have to). This has no effect on port forwarding, or SOCKS proxying. It also has no effect on my ability to connect again to the same host via a new network connection. It is really specific to connection multiplexing, and nothing more.

参考:

• http://unix.stackexchange.com/questions/26170/sshd-config-maxsessions-parameter