linux + ssh限制+ ssh同时从多台机器到一台机器

Question

以下脚本"testssh.ksh"证明当我们尝试在同一时间从多台机器执行ssh时ssh有一些问题

实际上这个脚本的目标是验证Solaris服务器(10.10.18.6)中/ var/tmp下的文件test_file,因为所有在ssh步骤中都看到我们无法验证test_file的存在,因为ssh卡住了或者没有从期待中激活

后台 - 此脚本同时对Solaris服务器执行15次ssh,IP-10.10.18.6,以验证服务器中/ var/tmp下的file_test

我的问题 - 如何改进ssh过程以避免以下问题

备注 - 在这种情况下,睡眠可以帮助我们 - 但我不想在ssh过程之前添加睡眠

  [root@linux /var/tmp]# more  testssh.ksh
  #!/bin/ksh



  expect=`cat << EOF
  set timeout -1
  spawn  ssh  10.10.18.6 
       expect {
                 ")?"   { send "yes\r"  ; exp_continue  }

                 word:  {send pass123\r}
              }
  expect >  {send "ls  /var/tmp/test_file\r"}
  expect >    {send exit\r}
  expect eof
  EOF`


  for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
  do
     ( expect -c  "$expect"  | grep "test_file"  | grep -v ls ) &
  done

示例 - 当我们运行脚本testssh.ksh时

     [root@linux /var/tmp]# /var/tmp/testssh.ksh
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file
     expect: spawn id exp6 not open
     while executing
     "expect >  {send "ls  /var/tmp/test_file\r"}"
     expect: spawn id exp6 not open
     while executing
     "expect >  {send "ls  /var/tmp/test_file\r"}"
     expect: spawn id exp6 not open
     while executing
     "expect >  {send "ls  /var/tmp/test_file\r"}"
     expect: spawn id exp6 not open
     while executing
     "expect >  {send "ls  /var/tmp/test_file\r"}"
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file
     /var/tmp/test_file

Answer 1

你已经设置了MaxSession和MaxStartups你的sshd.conf(或相当的)？我相信,40个同时进行的SSH连接不应该太多,无法让服务器处理.

来自man sshd_config页面:

 MaxSessions
         Specifies the maximum number of open sessions permitted per net?
         work connection.  The default is 10.

 MaxStartups
         Specifies the maximum number of concurrent unauthenticated con?
         nections to the SSH daemon.  Additional connections will be
         dropped until authentication succeeds or the LoginGraceTime
         expires for a connection.  The default is 10.

         Alternatively, random early drop can be enabled by specifying the
         three colon separated values “start:rate:full” (e.g. "10:30:60").
         sshd(8) will refuse connection attempts with a probability of
         “rate/100” (30%) if there are currently “start” (10) unauthenti?
         cated connections.  The probability increases linearly and all
         connection attempts are refused if the number of unauthenticated
         connections reaches “full” (60).

如果您没有更改这些,您的服务器将不会处理超过10个同时连接.

类似的问题(serverfault.com).