通过 SSH 进入运行 xinetd 的服务器会抛出错误“kex_exchange_identification:读取:对等方重置连接”

tag-icon tag-icon ssh openssh xinetd
通过 SSH 进入运行 xinetd 的服务器会抛出错误“kex_exchange_identification:读取:对等方重置连接”

我有两台安装了该软件的服务器正在运行ubuntu 22.04.2 LTSopenssh-server 1:8.9p1-3ubuntu0.1我在两台服务器上都安装了相同的管理员用户。

我想测试旧版超级守护进程xinetd为了远程控制。因此我ssh.service在第一台服务器上停止了,并xinetd.service在添加以下配置文件后在该服务器上启动了:

cat /etc/xinetd.d/ssh

service ssh
{
    disable     = no
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = root
    server      =/usr/sbin/sshd
    server_args = -1
    flags       = IPv4
    interface   = 192.168.50.100
}

当我尝试通过 ssh 进入运行的服务器时xinetd, 这xinetd守护进程应该启动远程控制目标服务器上的守护进程并允许我进入。但我收到以下错误消息:

ssh -v 192.168.50.100

OpenSSH_8.9p1 Ubuntu-3ubuntu0.1, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 192.168.50.100 [192.168.50.100] port 22.
debug1: Connection established.
debug1: identity file /home/thomasgrusz/.ssh/id_rsa type -1
debug1: identity file /home/thomasgrusz/.ssh/id_rsa-cert type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ecdsa type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ed25519 type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ed25519-cert type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ed25519_sk type -1
debug1: identity file /home/thomasgrusz/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/thomasgrusz/.ssh/id_xmss type -1
debug1: identity file /home/thomasgrusz/.ssh/id_xmss-cert type -1
debug1: identity file /home/thomasgrusz/.ssh/id_dsa type -1
debug1: identity file /home/thomasgrusz/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.1
debug1: kex_exchange_identification: banner line 0: unknown option -- 1
kex_exchange_identification: read: Connection reset by peer
Connection reset by 192.168.50.100 port 22

有任何想法吗?

答案1

使用

server_args = -i

对于 xinetd。

答案2

更新:2023 年 3 月 12 日

我在查看错误日志时发现了这个问题詩德目标服务器上的守护进程。当我尝试 ssh 时,它会抛出以下错误:

Mar 12 14:09:06 ubuntuserver100 sshd[1551]: fatal: Missing privilege separation directory: /run/sshd

/run/sshd/手动创建了目录,然后一切都运行正常。但这是一个临时文件夹,因此重启后它会再次丢失。我通过添加以下文件解决了这个问题:

thomasgrusz@ubuntuserver100:~$ cat /usr/lib/tmpfiles.d/sshd.conf
d /run/sshd 0755 root root

我的想法来自这个帖子,但对此可能有一个更优雅的解决方案。

有人知道为什么这个文件夹会丢失吗?

相关内容