SSH 突然拒绝我

SSH 突然拒绝我

我有一台启用了自动安全更新的 Ubuntu 14.04 服务器。SSH 配置了以下选项

Port 22
PermitRootLogin no
PasswordAuthentication no

当然,我已经在用户的 .ssh 文件夹中设置了 SSH 密钥。我已经设置了 10 个这样的服务器,但突然有一台服务器拒绝了我。

$ ssh -vv [email protected].*.*
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/tpg/.ssh/config
debug1: /Users/tpg/.ssh/config line 84: Applying options for *
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 149.56.*.* [149.56.*.*] port 22.
debug1: connect to address 149.56.*.* port 22: Connection refused
ssh: connect to host 149.56.*.* port 22: Connection refused

我没有控制台 (kvm),只有一个救援启动,我可以挂载文件系统并编辑文件。所以我编辑了 sshd_config 文件以接受 root 和密码,但它仍然拒绝我。

在救援模式下,我无法修复文件系统上的软件包(据我所知),所以我不知道如何让该服务器再次接受我。我希望有人能给我指明正确的方向。

据我所知,我没有安装 ufw(/lib/ufw 不存在)。

编辑:对服务器进行了 nmap 检查,发现没有打开端口 22。有人知道我如何在没有访问权限的情况下启动 sshd 服务器吗?


结果摘录自grep -rn sshd /var/log

./auth.log:18607:Mar  9 12:58:58 komodoNA sshd[26971]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18616:Mar  9 13:02:10 komodoNA sshd[27172]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18619:Mar  9 13:03:08 komodoNA sshd[27224]: fatal: no matching mac found: client hmac-md5,hmac-sha1 server [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]
./auth.log:18620:Mar  9 13:03:08 komodoNA sshd[27225]: fatal: no matching mac found: client hmac-md5,hmac-sha1 server [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]
./auth.log:18621:Mar  9 13:03:11 komodoNA sshd[27228]: fatal: no matching mac found: client hmac-md5,hmac-sha1 server [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]
./auth.log:18624:Mar  9 13:04:05 komodoNA sshd[27279]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18629:Mar  9 13:06:08 komodoNA sshd[27381]: Invalid user user from 181.39.89.146
./auth.log:18630:Mar  9 13:06:08 komodoNA sshd[27381]: input_userauth_request: invalid user user [preauth]
./auth.log:18631:Mar  9 13:06:08 komodoNA sshd[27381]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18638:Mar  9 13:09:25 komodoNA sshd[27533]: Invalid user user1 from 181.39.89.146
./auth.log:18639:Mar  9 13:09:25 komodoNA sshd[27533]: input_userauth_request: invalid user user1 [preauth]
./auth.log:18640:Mar  9 13:09:25 komodoNA sshd[27533]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18645:Mar  9 13:11:24 komodoNA sshd[27636]: Invalid user user01 from 181.39.89.146
./auth.log:18646:Mar  9 13:11:24 komodoNA sshd[27636]: input_userauth_request: invalid user user01 [preauth]
./auth.log:18647:Mar  9 13:11:24 komodoNA sshd[27636]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18652:Mar  9 13:13:20 komodoNA sshd[27740]: Invalid user user2 from 181.39.89.146
./auth.log:18653:Mar  9 13:13:20 komodoNA sshd[27740]: input_userauth_request: invalid user user2 [preauth]
./auth.log:18654:Mar  9 13:13:20 komodoNA sshd[27740]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18659:Mar  9 13:15:16 komodoNA sshd[27843]: Invalid user user3 from 181.39.89.146
./auth.log:18660:Mar  9 13:15:16 komodoNA sshd[27843]: input_userauth_request: invalid user user3 [preauth]
./auth.log:18661:Mar  9 13:15:16 komodoNA sshd[27843]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18664:Mar  9 13:16:43 komodoNA sshd[27897]: Received disconnect from 59.49.224.224: 11: ok [preauth]
./auth.log:18669:Mar  9 13:17:10 komodoNA sshd[27959]: Invalid user user02 from 181.39.89.146
./auth.log:18670:Mar  9 13:17:10 komodoNA sshd[27959]: input_userauth_request: invalid user user02 [preauth]
./auth.log:18671:Mar  9 13:17:11 komodoNA sshd[27959]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18676:Mar  9 13:19:06 komodoNA sshd[28062]: Invalid user user03 from 181.39.89.146
./auth.log:18677:Mar  9 13:19:06 komodoNA sshd[28062]: input_userauth_request: invalid user user03 [preauth]
./auth.log:18678:Mar  9 13:19:06 komodoNA sshd[28062]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18683:Mar  9 13:21:01 komodoNA sshd[28119]: Invalid user user1 from 181.39.89.146
./auth.log:18684:Mar  9 13:21:01 komodoNA sshd[28119]: input_userauth_request: invalid user user1 [preauth]
./auth.log:18685:Mar  9 13:21:01 komodoNA sshd[28119]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18688:Mar  9 13:22:57 komodoNA sshd[28222]: Invalid user user2 from 181.39.89.146
./auth.log:18689:Mar  9 13:22:57 komodoNA sshd[28222]: input_userauth_request: invalid user user2 [preauth]
./auth.log:18690:Mar  9 13:22:57 komodoNA sshd[28222]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18695:Mar  9 13:24:54 komodoNA sshd[28326]: Invalid user user3 from 181.39.89.146
./auth.log:18696:Mar  9 13:24:54 komodoNA sshd[28326]: input_userauth_request: invalid user user3 [preauth]
./auth.log:18697:Mar  9 13:24:54 komodoNA sshd[28326]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18702:Mar  9 13:26:49 komodoNA sshd[28429]: Invalid user usertest from 181.39.89.146
./auth.log:18703:Mar  9 13:26:49 komodoNA sshd[28429]: input_userauth_request: invalid user usertest [preauth]
./auth.log:18704:Mar  9 13:26:50 komodoNA sshd[28429]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18709:Mar  9 13:28:47 komodoNA sshd[28532]: Invalid user dev from 181.39.89.146
./auth.log:18710:Mar  9 13:28:47 komodoNA sshd[28532]: input_userauth_request: invalid user dev [preauth]
./auth.log:18711:Mar  9 13:28:47 komodoNA sshd[28532]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18714:Mar  9 13:29:55 komodoNA sshd[28586]: fatal: no matching cipher found: client aes128-cbc,blowfish-cbc,3des-cbc server [email protected],[email protected],aes256-ctr,aes128-ctr [preauth]
./auth.log:18715:Mar  9 13:29:58 komodoNA sshd[28588]: fatal: no matching cipher found: client aes128-cbc,blowfish-cbc,3des-cbc server [email protected],[email protected],aes256-ctr,aes128-ctr [preauth]
./auth.log:18718:Mar  9 13:30:01 komodoNA sshd[28590]: Did not receive identification string from 123.31.32.58
./auth.log:18719:Mar  9 13:30:55 komodoNA sshd[28640]: Invalid user mysql from 181.39.89.146
./auth.log:18720:Mar  9 13:30:55 komodoNA sshd[28640]: input_userauth_request: invalid user mysql [preauth]
./auth.log:18721:Mar  9 13:30:55 komodoNA sshd[28640]: Connection closed by 181.39.89.146 [preauth]
./auth.log:18726:Mar  9 13:32:59 komodoNA sshd[28744]: fatal: no matching mac found: client hmac-md5,hmac-sha1 server [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]
./auth.log:18729:Mar  9 13:33:02 komodoNA sshd[28795]: fatal: no matching mac found: client hmac-md5,hmac-sha1 server [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160 [preauth]

/etc/ssh/sshd_config内容:

root@rescue:/mnt/root# cat /mnt/etc/ssh/sshd_config | egrep -v '^[[:space:]]*#|^[[:space:]]*$|^[[:space:]]*;'
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 1024
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
UsePAM yes
Ciphers [email protected],[email protected],aes256-ctr,aes128-ctr
MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1

答案1

关于您的编辑。假设 SSH 已关闭,

您可以从救援模式检查日志并查看 SSH 无法启动的原因。

  • 进入救援模式
  • 登录服务器
  • cd进入/var/log
  • 运行类似grep -rn sshd .

这应该会开始带来与 SSH 服务器相关的结果。看看您是否可以开始查找错误并开始将其发回。如果有时间戳,看看您是否可以找到自上次重新启动服务器以来的错误。

检查磁盘空间并确保您的用户不在任何不允许的节中。

DenyUsers <username>

相关内容