我正在尝试使用 ssh 从 Mac 连接到 Ubuntu 12.04。我收到“对方重置连接”的消息。再试一次,我收到“端口 22:连接被拒绝”的消息。继续尝试,我收到密码提示。输入密码并成功登录。执行几个命令,然后出现“写入失败:管道损坏”,连接断开。
网络是有线以太网。Ubuntu 服务器和 Mac 客户端都位于同一子网中,并插入同一交换机。两者的其他网络似乎运行良好,即我可以使用 Web 浏览器。
我已经做好了apt-get install openssh-server
我登录到控制台并检查 sshd 正在运行。
ps -ef | grep sshd
root 1003 1 0 Nov29 ? 00:00:00 /usr/sbin/sshd -D
我跑了
ufw allow ssh
然后在 Mac 上反复尝试此操作:
Kens-MacBook-Pro-44% ssh 10.1.10.197
ssh: connect to host 10.1.10.197 port 22: Connection reset by peer
Kens-MacBook-Pro-44% ssh 10.1.10.197
ssh: connect to host 10.1.10.197 port 22: Connection refused
Kens-MacBook-Pro-44% ssh 10.1.10.197
ssh: connect to host 10.1.10.197 port 22: Connection refused
Kens-MacBook-Pro-44% ssh 10.1.10.197
[email protected]'s password: `
突然就成功了。输入密码,
Welcome to Ubuntu 12.04.5 LTS (GNU/Linux 3.2.0-72-generic-pae i686)...
所以我可以做一些事情,比如向你展示日志:
garges@oxfordhouse:~$ cd /var/log
garges@oxfordhouse:/var/log$ tail auth.log
Nov 30 00:06:00 oxfordhouse sshd[3392]: pam_unix(sshd:session): session closed for user garges
Nov 30 00:08:49 oxfordhouse sshd[3647]: Set /proc/self/oom_score_adj to 0
Nov 30 00:08:49 oxfordhouse sshd[3647]: Connection from 10.1.10.14 port 55453
Nov 30 00:08:49 oxfordhouse sshd[3647]: Failed publickey for garges from 10.1.10.14 port 55453 ssh2
Nov 30 00:08:49 oxfordhouse sshd[3647]: Failed publickey for garges from 10.1.10.14 port 55453 ssh2
Nov 30 00:08:57 oxfordhouse sshd[3647]: Accepted password for garges from 10.1.10.14 port 55453 ssh2
Nov 30 00:08:57 oxfordhouse sshd[3647]: pam_unix(sshd:session): session opened for user garges by (uid=0)
Nov 30 00:08:57 oxfordhouse sshd[3647]: User child is on pid 3773
Nov 30 00:09:01 oxfordhouse CRON[3876]: pam_unix(cron:session): session opened for user root by (uid=0)
Nov 30 00:09:02 oxfordhouse CRON[3876]: pam_unix(cron:session): session closed for user root`
并向您展示我的配置文件:
garges@oxfordhouse:/var/log$ cd /etc/ssh
garges@oxfordhouse:/etc/ssh$ cat sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details`
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
# Logging
SyslogFacility AUTH
LogLevel VERBOSE
# Authentication:
LoginGraceTime 120
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
其他几个毫无意义的 ls 命令之后,连接就关闭了:
garges@oxfordhouse:/etc/ssh$ ls
moduli sshd_config.bak ssh_host_ecdsa_key ssh_host_rsa_key.pub
ssh_config ssh_host_dsa_key ssh_host_ecdsa_key.pub ssh_import_id
sshd_config ssh_host_dsa_key.pub ssh_host_rsa_key
garges@oxfordhouse:/etc/ssh$ Write failed: Broken pipe
Kens-MacBook-Pro-44%
整个场景非常常见。即使重新启动 Mac 和 Ubuntu 后也会出现这种情况。Mac 和 Ubuntu 上的其他网络连接均正常工作。
有任何想法吗?
答案1
确实很奇怪。您可以尝试以下几种替代方案:
sudo ping -f 10.1.10.197
发送大量 ICMP 数据包。这会在发送数据包时写入一个点,并在收到响应 (pong) 时将其删除。如果您的屏幕开始写入大量点,则是因为数据包在中间某处被丢弃。mtr 10.1.10.197
是使用类固醇的跟踪路由。arp-scan -t 200 -l -I eth0
查找是否有人也拥有相同的 IP(如 Rmano 所述)。您可以尝试使用静态 IP 地址来避免这种情况。- 设置活着ssh 客户端上的偏好设置(添加服务器发送无操作代码之前的秒数):
- 全局
/etc/ssh/ssh_config
添加:ServerAliveInterval 60
- 或者向当前用户添加
~/.ssh/config
:
主持人 *
服务器存活间隔 60
另外,看看莫什-具有漫游和智能本地回声功能的移动外壳。