Using ssh2 as a client to connect to a server with a privateKey, every connection attempt timed out. The log was as follows:
Custom crypto binding available
Local ident: 'SSH-2.0-ssh2js1.11.0'
Client: Trying **** on port ***** ...
Socket connected
Remote ident: 'SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1'
Outbound: Sending KEXINIT
Inbound: Handshake in progress
Handshake: (local) KEX method: diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256
Handshake: (remote) KEX method: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,sntrup761x25519-sha512@openssh.com,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
Handshake: KEX algorithm: diffie-hellman-group-exchange-sha256
Handshake: (local) Host key format: ssh-ed25519
Handshake: (remote) Host key format: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
Handshake: Host key format: ssh-ed25519
Handshake: (local) C->S cipher: aes256-ctr,aes256-cbc
Handshake: (remote) C->S cipher: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
Handshake: C->S Cipher: aes256-ctr
Handshake: (local) S->C cipher: aes256-ctr,aes256-cbc
Handshake: (remote) S->C cipher: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
Handshake: S->C cipher: aes256-ctr
Handshake: (local) C->S MAC: hmac-sha2-256,hmac-sha1,hmac-md5
Handshake: (remote) C->S MAC: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
Handshake: C->S MAC: hmac-sha2-256
Handshake: (local) S->C MAC: hmac-sha2-256,hmac-sha1,hmac-md5
Handshake: (remote) S->C MAC: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
Handshake: S->C MAC: hmac-sha2-256
Handshake: (local) C->S compression: none,zlib@openssh.com,zlib
Handshake: (remote) C->S compression: none,zlib@openssh.com
Handshake: C->S compression: none
Handshake: (local) S->C compression: none,zlib@openssh.com,zlib
Handshake: (remote) S->C compression: none,zlib@openssh.com
Handshake: S->C compression: none
Outbound: Sending KEXDH_GEX_REQUEST
Received DH GEX Group
--------------------------About  20 seconds later -------------------------------
Outbound: Sending KEXDH_GEX_INIT
Uncaught Error: Timed out while waiting for handshake
  (anonymous function)	
  listOnTimeout	
  processTimers	
Async call from await
  runMainESM	
  executeUserEntryPoint	
  (anonymous function)	

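The 20-second wait is simply because the default SSH timeout is 20 seconds. In the end I followed https://github.com/mscdex/ssh2/issues/842 and removed diffie-hellman-group-exchange-sha256 from the kex algorithm list, which fixed it. It looks like the cause is that the diffie-hellman-group-exchange-sha256 algorithm in OpenSSL/LibreSSL gets stuck in an infinite loop on arm/arm64. The fix is to remove this algorithm from the kex list, for example: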

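  // Goes in the options object passed to the ssh2 client's connect() call
  algorithms: {
    kex: {
      // Drop the group-exchange KEX so a different method is negotiated
      remove: [
        'diffie-hellman-group-exchange-sha256'
      ]
    }
  }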
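
As an added example (not code from the ssh2 project or from the original post), the sketch below parses the KEX lines of the debug log above and applies the SSH negotiation rule that the first algorithm on the client's list also offered by the server is chosen, so you can preview what a `remove` entry will negotiate before reconnecting. The function names are illustrative, and the host-key compatibility conditions of the full rule are ignored because they do not change the outcome for this log.

```javascript
// Excerpt of the debug log from this post (the two KEX offer lines).
const SAMPLE_LOG = [
  "Handshake: (local) KEX method: diffie-hellman-group-exchange-sha256," +
    "ecdh-sha2-nistp256,diffie-hellman-group14-sha256",
  "Handshake: (remote) KEX method: curve25519-sha256,curve25519-sha256@libssh.org," +
    "ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521," +
    "sntrup761x25519-sha512@openssh.com,diffie-hellman-group-exchange-sha256," +
    "diffie-hellman-group16-sha512,diffie-hellman-group18-sha512," +
    "diffie-hellman-group14-sha256",
].join("\n");

// Extract the client (local) and server (remote) KEX offers from debug output.
function parseKexLists(log) {
  const lists = {};
  for (const line of log.split(/\r?\n/)) {
    const m = /^Handshake: \((local|remote)\) KEX method: (\S+)/.exec(line.trim());
    if (m) lists[m[1]] = m[2].split(",");
  }
  if (!lists.local || !lists.remote) {
    throw new Error("KEX method lines not found in log");
  }
  return lists;
}

// Client preference wins: first client entry that the server also offers.
// Returns null when there is no overlap (the handshake would fail).
function negotiate(clientList, serverList) {
  const server = new Set(serverList);
  return clientList.find((alg) => server.has(alg)) || null;
}

// Compare the negotiated KEX before and after removing entries client-side.
function previewKexRemoval(log, removed) {
  const { local, remote } = parseKexLists(log);
  const trimmed = local.filter((alg) => !removed.includes(alg));
  return {
    before: negotiate(local, remote),
    after: negotiate(trimmed, remote),
  };
}

const preview = previewKexRemoval(SAMPLE_LOG, ["diffie-hellman-group-exchange-sha256"]);
console.log(`before: ${preview.before}, after: ${preview.after}`);
```

An `after` value of `null` means the removal leaves no KEX method in common with the server, so the connection would fail during negotiation instead of timing out.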