ssh连接缓慢（centos）

标签：systemd centos service Sep Failed session ssh 连接 head2

ssh登录服务器时，要等待30秒左右才能连接上，连上后使用正常不卡顿

查看debug信息，发现卡在这一步：

# ssh nodeName
...
debug1: pledge: network
...

查阅资料：

This is probably an issue with D-Bus and systemd. If the dbus service is restarted for some reason, you will also need to restart systemd-logind.

You can check if this is the issue by opening the ssh daemon log (on Ubuntu it should be /var/log/auth.log) and check if it has these lines:
#D-Bus是一个为应用程序间提供通信的消息总线系统, 用于进程之间的通信。
#centos日志在/var/log/secure

sshd[2721]: pam_systemd(sshd:session): Failed to create session: Connection timed out


If yes, just restart systemd-logind service:


systemctl restart systemd-logind


I had this same issue on CentOS 7, because the messagebus was restarted (which is how the D-Bus service is called on CentOS).

查看dbus服务信息

# systemctl status dbus
● dbus.service - D-Bus System Message Bus
   Loaded: loaded (/usr/lib/systemd/system/dbus.service; static; vendor preset: disabled)
   Active: active (running) since Fri 2022-09-02 08:03:13 CST; 5h 27min ago
     Docs: man:dbus-daemon(1)
 Main PID: 37359 (dbus-daemon)
    Tasks: 1
   Memory: 680.0K
   CGroup: /system.slice/dbus.service
           └─37359 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation

Sep 02 13:26:01 head2 dbus[37359]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Sep 02 13:26:26 head2 dbus[37359]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Sep 02 13:27:01 head2 dbus[37359]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Sep 02 13:27:26 head2 dbus[37359]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Sep 02 13:28:01 head2 dbus[37359]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Sep 02 13:28:26 head2 dbus[37359]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Sep 02 13:29:02 head2 dbus[37359]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Sep 02 13:29:27 head2 dbus[37359]: [system] Failed to activate service 'org.freedesktop.login1': timed out
Sep 02 13:30:01 head2 dbus[37359]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service'
Sep 02 13:30:26 head2 dbus[37359]: [system] Failed to activate service 'org.freedesktop.login1': timed out

查看systemd-logind服务信息

# systemctl status systemd-login
Unit systemd-login.service could not be found.
[root@head2 ~]# systemctl status system-login
Unit system-login.service could not be found.
[root@head2 ~]# systemctl status system-logind
Unit system-logind.service could not be found.
[root@head2 ~]# systemctl status systemd-logind
● systemd-logind.service - Login Service
   Loaded: loaded (/usr/lib/systemd/system/systemd-logind.service; static; vendor preset: disabled)
   Active: active (running) since Mon 2022-08-29 17:21:16 CST; 3 days ago
     Docs: man:systemd-logind.service(8)
           man:logind.conf(5)
           http://www.freedesktop.org/wiki/Software/systemd/logind
           http://www.freedesktop.org/wiki/Software/systemd/multiseat
 Main PID: 5085 (systemd-logind)
   Status: "Processing requests..."
    Tasks: 1
   Memory: 296.0K
   CGroup: /system.slice/systemd-logind.service
           └─5085 /usr/lib/systemd/systemd-logind

Sep 02 07:40:41 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 07:40:41 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 07:40:41 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 07:40:41 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 07:40:41 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 07:41:06 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 08:24:55 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 08:59:26 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 08:59:26 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected
Sep 02 11:25:59 head2 systemd-logind[5085]: Failed to abandon session scope: Transport endpoint is not connected

查看secure日志

# tail /var/log/secure
Sep  2 13:23:26 head2 crond[25847]: pam_systemd(crond:session): Failed to create session: Connection timed out
Sep  2 13:24:26 head2 crond[26214]: pam_systemd(crond:session): Failed to create session: Connection timed out
Sep  2 13:25:26 head2 crond[26579]: pam_systemd(crond:session): Failed to create session: Connection timed out
Sep  2 13:26:26 head2 crond[26949]: pam_systemd(crond:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out
Sep  2 13:27:26 head2 crond[27315]: pam_systemd(crond:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out
Sep  2 13:28:26 head2 crond[27680]: pam_systemd(crond:session): Failed to create session: Connection timed out
Sep  2 13:29:27 head2 crond[28047]: pam_systemd(crond:session): Failed to create session: Connection timed out
Sep  2 13:30:26 head2 crond[28407]: pam_systemd(crond:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out
Sep  2 13:30:26 head2 crond[28406]: pam_systemd(crond:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out
Sep  2 13:31:26 head2 crond[28790]: pam_systemd(crond:session): Failed to create session: Connection timed out

重启服务，恢复正常

# systemctl restart systemd-logind

systemd-logind是一个管理用户登录的系统服务，职责如下：

    持续跟踪用户的会话、进程、空闲状态。这将在 user.slice 之下，为每个用户分配一个 slice 单元、为每个用户的当前会话分配一个 scope 单元。同时，针对每个已登录的用户，将会启动一个专属的服务管理器(作为[email protected] 模版的一个实例)。

    生成并管理"session ID"。如果启用了审计并且已经为一个会话设置了审计"session ID"，那么该ID也将同时被用作"session ID"，否则将会使用一个独立的会话计数器(也就是独立
    生成一个"session ID")。

    为用户的特权操作(例如关闭或休眠系统) 提供基于 polkit 的认证与授权

    为应用程序实现阻止关闭/休眠系统的逻辑

    处理硬件关机/休眠按钮的动作

    多席位(Multi-Seat)管理

    会话切换管理

    管理用户对设备的访问

    在启动虚拟终端时自动启动文本登录程序(agetty)，并管理用户的运行时目录。

ssh登录时，systemd-logind负责为这个登录用户创建一个Session ID，并进行管理。我们主要就是阻塞在了这里。

值得一提的是systemd-login的用户会话是通过PAM模块注册的，而PAM模块pam_systemd中有一个desktop选项，因此，如果你的服务器是桌面版的，重启systemd-logind，这个用户桌面上的一切程序都会被关闭（包括桌面上的开启的终端与程序）
参考:https://blog.csdn.net/littleRpl/article/details/110119384

标签：systemd,centos,service,Sep,Failed,session,ssh,连接,head2
From： https://www.cnblogs.com/1016391912pm/p/16649598.html

相关文章

赞助商

阅读排行