1. 问题
多线程连接SFTP时, 程序抛出异常
com.jcraft.jsch.JSchException: connection is closed by foreign host
at com.jcraft.jsch.Session.connect(Session.java:269)
at com.jcraft.jsch.Session.connect(Session.java:183)
2. 分析
单线程连接正常, 多线程异常, 连接数的变化导致SFTP不同反应, 猜测是sshd对连接有限制
查看sshd手册man sshd_config
- MaxSessions, 多路复用, 一个tcp连接支持的最大会话数(ssh, sftp等)
- MaxStartups, 登录窗口期内, 最大并发连接请求
MaxStartups默认为10:30:100, 表示并发连接超过10以后, 概率性(30%线程递增, 并发数达到60后概率为100%)的拒绝新连接
MaxSessions
Specifies the maximum number of open sessions
permitted per network connection. The default is 10.
MaxStartups
Specifies the maximum number of concurrent unauthenticated
connections to the SSH daemon.
Additional connections will be dropped until authentication
succeeds or the LoginGraceTime expires for a connection.
The default is 10:30:100.
Alternatively, random early drop can be enabled by
specifying the three colon separated values “start:rate:full”
(e.g. "10:30:60").
sshd(8) will refuse connection attempts with a probability
of “rate/100” (30%) if there are currently “start”(10)
unauthenticated connections. The probability increases
linearly and all connection attempts are refused if the
number of unauthenticated connections reaches “full” (60).
LoginGraceTime
The server disconnects after this time if the user has not
successfully logged in. If the value is 0, there is no
time limit. The default is 120 seconds.
3. 方案
修改MaxStartups参数 (start初始值>=并发数), 并重启sshd服务
MaxStartups 100:30:200
扫一扫
4580
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
