メインコンテンツへスキップ

クライアントの過剰な受信接続が原因で、SSH経由でクラスタにアクセスできません

  1. 最後の更新
  2. PDFとして保存
Views:
843
Visibility:
Public
Votes:
1
Category:
ontap-9
Specialty:
network<a>SSH</a><a>2009120698</a><a>過度</a><a>の着信接続</a><a>が</a><a>リモート</a><a>ホスト</a><a>による変換</a><a>のために閉じ</a>られました
Last Updated:

環境

  • ONTAP 9
  • SSH

問題

  • 次のエラーでSSH経由でクラスタ管理またはノード管理にアクセスできません
# ssh -vvv admin@clustermgmt.local
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 62: Applying options for *
debug1: Executing proxy command: exec /usr/bin/sss_ssh_knownhostsproxy -p 22 clustermgmt.local
debug1: permanently_set_uid: 0/0
debug1: permanently_drop_suid: 0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4
ssh_exchange_identification: Connection closed by remote host
  • ストレージ監査ログに接続試行回数が多すぎるため、SSHサービスを非アクティブにできないことが示されています
0000001c.000068ae 00002423 Sun Apr 03 2022 08:17:51 +03:00 [daemon:error] 1 2022-04-03T08:17:51.341021+03:00 node-01 xinetd 6704 - - Deactivating service ssh due to excessive incoming connections. Restarting in 60 seconds.
0000001c.000068fd 0000278c Sun Apr 03 2022 08:19:17 +03:00 [daemon:error] 1 2022-04-03T08:19:17.765067+03:00 node-01 xinetd 6704 - - Deactivating service ssh due to excessive incoming connections. Restarting in 60 seconds.
 
  • ifstat SSHポート22がリスンしていないことを表示します
---- ANYVSERVER IPSpace ----
Active Internet connections (including servers)
Proto Recv-Q Send-Q Rexmit OOORcv 0-win Local Address Foreign Address (state) VCTX Services Used-CG Req-CG Hash CG-Row CG-Col CG-Class Weight Bytes_Sent Bytes_Rcvd Rwind Swind Cong-win(bytes) Cong-win-thresh(bytes) MSS(bytes) Cong-algo ECN
tcp4 0 0 0 0 0 *.22 *.* CLOSED ANY 0x01FFFE7E ------- ------ 0 0 0 ---------------- 0 0 0 0 0 1073725440 1073725440 1220 cubic N/A
tcp4 0 0 0 0 0 *.22 *.* CLOSED ANY 0x01FFFE7E ------- ------ 0 0 0 ---------------- 0 0 0 0 0 1073725440 1073725440 1220 cubic N/A
tcp4 0 0 0 0 0 *.22 *.* CLOSED ANY 0x01FFFE7E ------- ------ 0 0 0 ---------------- 0 0 0 0 0 1073725440 1073725440 1220 cubic N/A
tcp4 0 0 0 0 0 *.22 *.* CLOSED ANY 0x01FFFE7E ------- ------ 0 0 0 ---------------- 0 0 0 0 0 1073725440 1073725440 1220 cubic N/A

 

Sign in to view the entire content of this KB article.

New to NetApp?

Learn more about our award-winning Support

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.