我正在使用Sublime SFTP 插件为了Sublime Text 3。我尝试连接到远程服务器。但是,连接立即失败并显示错误消息Connection timeout。
连接到 SFTP 服务器”我的服务器IP地址“作为“root”.....失败(连接超时)
这是我对该服务器的配置。请注意,出于安全原因,我隐藏了我的真实 IP 地址和密码。
{
// The tab key will cycle through the settings when first created
// Visit http://wbond.net/sublime_packages/sftp/settings for help
// sftp, ftp or ftps
"type": "sftp",
"sync_down_on_open": false,
"sync_same_age": false,
"host": "myserveripaddress",
"user": "root",
"password": "password",
"port": "22",
"remote_path": "/var/www",
//"file_permissions": "664",
//"dir_permissions": "775",
//"extra_list_connections": 0,
"connect_timeout": 30,
//"keepalive": 120,
//"ftp_passive_mode": true,
//"ftp_obey_passive_host": false,
//"ssh_key_file": "~/.ssh/id_rsa",
//"sftp_flags": ["-F", "/path/to/ssh_config"],
//"preserve_modification_times": false,
//"remote_time_offset_in_hours": 0,
//"remote_encoding": "utf-8",
//"remote_locale": "C",
//"allow_config_upload": false,
}
此外
- 关闭防火墙并不能解决这个问题。
- 连接到托管在我自己的网络确实有效。
- 连接超时会立即发生。提高
connect_timeout设置不会产生任何效果。 - 我没有使用错误的连接类型。事实上,切换连接
ftp或ftps实际上在 30 秒后超时,而不是立即超时。 - 远程服务器没有关闭。我可以通过以下两种方式访问远程服务器
putty和FileZilla使用相同的凭证。
sublime_sftp_debug.txt
我打开了调试模式,以下是我在日志中得到的内容。
2015-08-14 22:48:34, SFTP Read:
Fatal: Server unexpectedly closed network connection
认证日志
这是我得到的/var/log/auth.d。再次强调,出于安全原因,身份信息已被删除。
Aug 15 16:34:24 localhost sshd[23275]: debug3: fd 5 is not O_NONBLOCK
Aug 15 16:34:24 localhost sshd[23275]: debug1: Forked child 25116.
Aug 15 16:34:24 localhost sshd[23275]: debug3: send_rexec_state: entering fd = 8 config len 982
Aug 15 16:34:24 localhost sshd[23275]: debug3: ssh_msg_send: type 0
Aug 15 16:34:24 localhost sshd[23275]: debug3: send_rexec_state: done
Aug 15 16:34:24 localhost sshd[25116]: debug3: oom_adjust_restore
Aug 15 16:34:24 localhost sshd[25116]: Set /proc/self/oom_score_adj to 0
Aug 15 16:34:24 localhost sshd[25116]: debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
Aug 15 16:34:24 localhost sshd[25116]: error: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Aug 15 16:34:24 localhost sshd[25116]: debug1: inetd sockets after dupping: 3, 3
Aug 15 16:34:24 localhost sshd[25116]: Connection from MYIPADDRESS port 61120 on SERVERIPADDRESS port 22
Aug 15 16:34:24 localhost sshd[25116]: debug1: Client protocol version 2.0; client software version PuTTY_Local:_Aug__1_2012_03:14:17
Aug 15 16:34:24 localhost sshd[25116]: debug1: no match: PuTTY_Local:_Aug__1_2012_03:14:17
Aug 15 16:34:24 localhost sshd[25116]: debug1: Enabling compatibility mode for protocol 2.0
Aug 15 16:34:24 localhost sshd[25116]: debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
Aug 15 16:34:24 localhost sshd[25116]: debug2: fd 3 setting O_NONBLOCK
Aug 15 16:34:24 localhost sshd[25116]: debug2: Network child is on pid 25117
Aug 15 16:34:24 localhost sshd[25116]: debug3: preauth child monitor started
Aug 15 16:34:24 localhost sshd[25116]: debug3: privsep user:group 104:65534 [preauth]
Aug 15 16:34:24 localhost sshd[25116]: debug1: permanently_set_uid: 104/65534 [preauth]
Aug 15 16:34:24 localhost sshd[25116]: debug1: list_hostkey_types: ssh-rsa [preauth]
Aug 15 16:34:24 localhost sshd[25116]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug1: SSH2_MSG_KEXINIT received [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchang$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: ssh-rsa [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],aes256-ctr,aes128-ctr [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],aes256-ctr,aes128-ctr [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],hmac-sha$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [email protected],[email protected],[email protected],hmac-sha$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,[email protected] [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,[email protected] [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: reserved 0 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group1$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: aes256-ctr,aes256-cbc,[email protected],aes192-ctr,aes192-cbc,aes128-ctr,aes128-cbc$
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,zlib [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: none,zlib [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: first_kex_follows 0 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug2: kex_parse_kexinit: reserved 0 [preauth]
Aug 15 16:34:25 localhost sshd[25116]: fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server [email protected],hmac-sha2-256-$
Aug 15 16:34:25 localhost sshd[25116]: debug1: do_cleanup [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug3: PAM: sshpam_thread_cleanup entering [preauth]
Aug 15 16:34:25 localhost sshd[25116]: debug1: monitor_read_log: child log fd closed
Aug 15 16:34:25 localhost sshd[25116]: debug3: mm_request_receive entering
Aug 15 16:34:25 localhost sshd[25116]: debug1: do_cleanup
Aug 15 16:34:25 localhost sshd[25116]: debug3: PAM: sshpam_thread_cleanup entering
Aug 15 16:34:25 localhost sshd[25116]: debug1: Killing privsep child 25117
为什么我无法通过 Sublime SFTP 连接到我的远程服务器?我还应该尝试其他设置吗?
答案1
问题的关键是日志中的这一行:
fatal: no matching mac found: client hmac-sha1,hmac-sha1-96,hmac-md5 server [email protected],hmac-sha2-256-$
这些是 ssh 协议使用的身份验证算法。正如日志所显示的那样,客户端和服务器使用的算法不同,因此它们无法通信。
两种解决方案:
- 将客户端更新为支持服务器 mac 算法的客户端。例如,最新版本的 Putty 就可以使用。
- 更改服务器配置以接受客户端使用的 mac 算法。
第二种解决方案就是你在答案中所做的,但你不需要替换整行。取你最初的那行,并添加你的客户端支持的最强算法。在你的情况下,这将改变这个
MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
对此
MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,hmac-sha1
(我刚刚将 hmac-sha1 添加到列表末尾)
这将产生与您所做的相同的效果,但不会禁用您已配置的 mac 算法。
答案2
我找到了一个可行的服务器端解决方案。
在 /etc/ssh/sshd_config 中,我必须更改
MACs [email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
到
MACs hmac-sha1,hmac-sha1-96,hmac-md5,[email protected],[email protected],[email protected],hmac-sha2-512,hmac-sha2-256,hmac-ripemd160
KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1
但是,这是一个服务器端解决方案。我仍然想知道我是否可以在客户端做些什么。
答案3
如果使用 SSH 文件密钥,则密钥路径中不能有空格或奇怪的字符。删除路径中的空格解决了我的超时问题。