遗憾的是,SSH 到 Icinga2 服务器不起作用

tag-icon tag-icon networking server 20.04 ssh
遗憾的是,SSH 到 Icinga2 服务器不起作用

我让 SSH 在端口 50509 上与我的服务器通信,但它突然停止工作了。我当时正在安装 Icinga2、MySQL 和 Apache2。安装后,它停止工作了。SSH/SSHD SSH.service/SSHD.service 正在运行。服务器之间的 Ping 工作正常。

从我的 Windows 客户端:

C:\Users\Username>ssh [email protected] -p 50509
ssh: connect to host 172.22.10.133 port 50509: Connection timed out
C:\Users\Username>ssh [email protected] -p 22
ssh: connect to host 172.22.10.133 port 22: Connection refused

C:\Users\Username>telnet 172.22.10.133 22
Connecting to 172.22.10.133...Could not open connection to the host, on port 22 : Connection failed 
C:\Users\Username>telnet 172.22.10.133 50509
Connecting to 172.22.10.133...Could not open connection to the host, on port 50509 : Connection failed

在 Ubuntu 服务器上:

username@servername:~/Desktop$ sudo ufw status 
[sudo] password for user: 
Status: inactive
username@servername:~/Desktop$ sudo ufw enable
Firewall is active and enabled on system startup
username@servername:~/Desktop$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
50509                      ALLOW       Anywhere                  
22                         ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
22 (v6)                    ALLOW       Anywhere (v6)             
50509 (v6)                 ALLOW       Anywhere (v6)             

username@servername:~/Desktop$ sudo ufw allow ssh
Skipping adding existing rule
Skipping adding existing rule (v6)
username@servername:~/Desktop$ sudo lsof -i:50509
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
sshd    1095 root    3u  IPv4  27587      0t0  TCP *:50509 (LISTEN)
sshd    1095 root    4u  IPv6  27589      0t0  TCP *:50509 (LISTEN)      
username@servername:~/Desktop$ ip add | grep 172.22.10.133 
inet 172.22.10.133/24 brd 172.22.10.255 scope global noprefixroute ens160

我在 /etc/ssh/sshd_config 中列出了端口 50509。但我甚至没有收到提示输入密码的连接,就像我之前遇到的那样,它只是超时了。我还使用了 Google Auth,它也起作用了。但同样,我认为没有关系。我尝试禁用/启用 ufw 防火墙,但没有任何帮助。还尝试启动服务器和 PC。

我可以通过端口上的 ssh 直接通过服务器上的 LOOPBACK 进行连接。

Wireshark 显示有关连接的以下信息:

233 8.471572    172.22.11.131   172.22.10.133   TCP 66  [TCP Retransmission] 53076 → 50509 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1

234 8.472026    172.22.10.133   172.22.11.131   ICMP    94  Destination unreachable (Communication administratively filtered)

可能是 CheckPoint 路由器(数据包转发)上的某些东西阻止了它?

我已将 CP 中的每个人都可以设置为 172.22.10.x 和 172.22.11.x 之间的双向。

提前感谢您的帮助!

答案1

在 Ubuntu 服务器中添加firewall-cmd 和 iptables 命令解决了以下问题:

ssh: connect to host 172.22.10.133 port 50509: Connection timed out

现在:

C:\Users\Username>ssh [email protected] -p 50509
Password:
Verification code:
Welcome to Ubuntu 20.10 (GNU/Linux 5.8.0-26-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

6 updates can be installed immediately.
0 of these updates are security updates.
To see these additional updates run: apt list --upgradable

Last login: Thu Oct 29 10:01:44 2020 from 172.22.11.131
Welcome to Ubuntu 20.10 (GNU/Linux 5.8.0-26-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage

6 updates can be installed immediately.
0 of these updates are security updates.
To see these additional updates run: apt list --upgradable

Last login: Thu Oct 29 10:01:44 2020 from 172.22.11.131

相关内容