AWS Linux DHCPREQUEST On Eth0 导致的宕机问题

最近几天，博客所使用的 EC2 服务器一直不稳定。最开始，我以为是又双双叕叕叕敠被攻击了。

在重启了多次之后，查看了多次日志之后发现了一个原因：DHCPREQUEST on eth0 to，日志如下：

May 10 20:40:12 ip-172-31-18-86 dhclient[2192]: DHCPREQUEST on eth0 to 172.31.16.1 port 67 (xid=0x49c744e7)May 10 20:40:12 ip-172-31-18-86 dhclient[2192]: DHCPACK from 172.31.16.1 (xid=0x49c744e7)May 10 20:40:14 ip-172-31-18-86 dhclient[2192]: bound to 172.31.18.86 -- renewal in 1724 seconds.May 10 20:40:14 ip-172-31-18-86 ec2net: [get_meta] Trying to get http://169.254.169.254/latest/meta-data/network/interfaces/macs/06:ce:d8:0e:2a:ec/local-ipv4sMay 10 20:40:15 ip-172-31-18-86 ec2net: [rewrite_aliases] Rewriting aliases of eth0May 10 20:47:48 ip-172-31-18-86 sshd[7841]: rexec line 52: Deprecated option RSAAuthenticationMay 10 20:57:26 ip-172-31-18-86 sshd[7844]: rexec line 52: Deprecated option RSAAuthenticationMay 10 21:00:22 ip-172-31-18-86 sshd[7846]: rexec line 52: Deprecated option RSAAuthenticationMay 10 21:00:36 ip-172-31-18-86 sshd[7848]: rexec line 52: Deprecated option RSAAuthenticationMay 10 21:07:03 ip-172-31-18-86 sshd[7862]: rexec line 52: Deprecated option RSAAuthenticationMay 10 23:36:35 ip-172-31-18-86 kernel: imklog 5.8.10, log source = /proc/kmsg started.May 10 23:36:35 ip-172-31-18-86 rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="2261" x-info="http://www.rsyslog.com"] start

于是，我先手动把 DHCP eth0 的相关进程干掉，下一步在再看看会不会在还出现问题：

/bin/kill `cat /var/run/dhclient-eth0.pid`

Deprecated option RSAAuthentication

同样的，还有一个问题是：

May 11 23:31:01 ip-172-31-18-86 sshd[5653]: rexec line 52: Deprecated option RSAAuthenticationMay 11 23:37:04 ip-172-31-18-86 sshd[5661]: rexec line 52: Deprecated option RSAAuthenticationMay 11 23:57:38 ip-172-31-18-86 sshd[5675]: rexec line 52: Deprecated option RSAAuthenticationMay 12 00:31:49 ip-172-31-18-86 sshd[5705]: rexec line 52: Deprecated option RSAAuthenticationMay 12 00:35:33 ip-172-31-18-86 sshd[5708]: rexec line 52: Deprecated option RSAAuthenticationMay 12 00:36:00 ip-172-31-18-86 sshd[5710]: rexec line 52: Deprecated option RSAAuthentication

于是，便顺手解决一下这个问题吧。先备份一下旧的配置：

cp -a /etc/ssh/sshd_config /etc/ssh/sshd_config-backup

然后，注释掉 sshd_config文件中的 RSAAuthentication：

RSAAuthentication yes

参考：

1. https://qiita.com/smallpalace/items/65819405fa421bfc386e
2. https://raspberrypi.stackexchange.com/questions/3332/alter-dhclient-to-retry-fetching-ip-address/10184
3. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=266175