报错处理
由于没有公钥,无法验证下列签名
W: GPG 错误:http://ppa.launchpad.net precise Release: 由于没有公钥,无法验证下列签名: NO_PUBKEY 6AF0E1940624A220
W: 无法下载 bzip2:/var/lib/apt/lists/partial/mirrors.163.com_ubuntu_dists_precise_main_binary-i386_Packages Hash 校验和不符
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 6AF0E1940624A220 #此处6AF0E1940624A220需要是错误提示的key
ssh无法连接到外网Linux主机
场景描述:
内网Linux主机ssh连接正常,不能ssh连接外网Linux
telnet 外网IP 22 通,ping命令通
此时可以试试以下方法
koala@koala:~$ ssh root@domain.com
(等待很久)Connection closed by xx.xx.xx.xx port 22
koala@koala:~$ ssh -v root@domain.com
OpenSSH_8.4p1, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to domain.com [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /home/koala/.ssh/id_rsa type 0
debug1: identity file /home/koala/.ssh/id_rsa-cert type -1
debug1: identity file /home/koala/.ssh/id_dsa type -1
debug1: identity file /home/koala/.ssh/id_dsa-cert type -1
debug1: identity file /home/koala/.ssh/id_ecdsa type -1
debug1: identity file /home/koala/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/koala/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/koala/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/koala/.ssh/id_ed25519 type -1
debug1: identity file /home/koala/.ssh/id_ed25519-cert type -1
debug1: identity file /home/koala/.ssh/id_ed25519_sk type -1
debug1: identity file /home/koala/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/koala/.ssh/id_xmss type -1
debug1: identity file /home/koala/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.4
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to domain.com:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Connection closed by xx.xx.xx.xx port 22
此时查看本机mtu值
koala@koala:~$ netstat -i
Kernel Interface table
Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
br-19d23 1500 0 0 0 0 0 0 0 0 BMU
br-79631 1500 0 0 0 0 212 0 0 0 BMRU
docker0 1500 0 0 0 0 0 0 0 0 BMU
enp4s0f1 1500 0 0 0 0 0 0 0 0 BMU
lo 65536 1620 0 0 0 1620 0 0 0 LRU
veth9e8a 1500 0 0 0 0 239 0 0 0 BMRU
vmnet1 1500 0 0 0 0 222 0 0 0 BMRU
vmnet8 1500 0 0 0 0 223 0 0 0 BMRU
wlp3s0 1492 68412 0 0 0 23095 0 0 0 BMRU
测试mtu合理值
ping -s 1444 -M do baidu.com
#错误时
$ ping -s 1472 -M do baidu.com
PING baidu.com (220.181.38.148) 1472(1500) bytes of data.
ping: local error: message too long, mtu=1492
ping: local error: message too long, mtu=1492
ping: local error: message too long, mtu=1492
#正确时
$ ping -s 1464 -M do baidu.com
PING baidu.com (220.181.38.148) 1464(1492) bytes of data.
1452 比特,来自 220.181.38.148 (220.181.38.148): icmp_seq=1 ttl=52 时间=18.6 毫秒
1452 比特,来自 220.181.38.148 (220.181.38.148): icmp_seq=2 ttl=52 时间=18.2 毫秒
1452 比特,来自 220.181.38.148 (220.181.38.148): icmp_seq=3 ttl=52 时间=18.3 毫秒
1452 比特,来自 220.181.38.148 (220.181.38.148): icmp_seq=4 ttl=52 时间=18.2 毫秒
找到一个阈值, 1464(1492) 1492就是要设置本机mtu的值
设置mtu
#1、设置本机的mtu,即时生效,重启后失效
ifconfig eth0 mtu 1492 up #up可加可不加
#2、永久生效的修改方法,缺点是需要重启网卡
ubuntu 服务器是使用netplan管理网络不是networkmanager
#service network restart 重启网卡
tips: 一般以太网MTU都为1500, 在pppoe拨号路由中,会有8字节gre包装头,linux貌似是解析不了
ubuntu apt-get 错误 Temporary failure resolving ‘us.archive.ubuntu.com’ 解决
原因是dns没有配置,解决办法 加入dns服务器地址:
vi /etc/resolv.conf