Cannot run sshd on a different port from the command line (inside docker)

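I want to run sshd in an ubuntu docker container on a port other than 22 (for tunneling). I followed the instructions at https://docs.docker.com/examples/running_ssh_service/. The first time I ran it, I could connect to it successfully from another machine. After I stopped and started the container, I could no longer connect to ssh (restarting the container several times did not help).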

All of the tests I ran were done from within the same container.

I use the following command to start it:

$(which sshd) -Ddp  433

This gives me the following messages, which show the server starting normally:

root@86d80dc7a3d7:/home# $(which sshd) -Ddp  443                                                                                                                   
debug1: sshd version OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014                                                                                                        
debug1: key_parse_private2: missing begin marker                                                                                                                   
debug1: read PEM private key done: type RSA                                                                                                                        
debug1: private host key: #0 type 1 RSA                                                                                                                            
debug1: key_parse_private2: missing begin marker                                                                                                                   
debug1: read PEM private key done: type DSA                                                                                                                        
debug1: private host key: #1 type 2 DSA                                                                                                                            
debug1: key_parse_private2: missing begin marker                                                                                                                   
debug1: read PEM private key done: type ECDSA                                                                                                                      
debug1: private host key: #2 type 3 ECDSA                                                                                                                          
debug1: private host key: #3 type 4 ED25519                                                                                                                        
debug1: rexec_argv[0]='/usr/sbin/sshd'                                                                                                                             
debug1: rexec_argv[1]='-Ddp'                                                                                                                                       
debug1: rexec_argv[2]='443'                                                                                                                                        
Set /proc/self/oom_score_adj from 0 to -1000                                                                                                                       
debug1: Bind to port 443 on 0.0.0.0.                                                                                                                               
Server listening on 0.0.0.0 port 443.                                                                                                                              
debug1: Bind to port 443 on ::.                                                                                                                                    
Server listening on :: port 443. 

Everything looks fine. I opened a different terminal and tried to connect to it, but I got this connection refused error:

root@86d80dc7a3d7:/etc# ssh localhost -p 443                                                                                                                       
ssh: connect to host localhost port 443: Connection refused  

It seems I can telnet to the server as follows:

root@86d80dc7a3d7:/etc# telnet localhost 443                                                                                                                       
Trying ::1...                                                                                                                                                      
Connected to localhost.                                                                                                                                            
Escape character is '^]'.                                                                                                                                          
SSH-2.0-OpenSSH_6.6p1 Ubuntu-2ubuntu1   
asda                                                                                                                                                               
Protocol mismatch.                                                                                                                                                 
Connection closed by foreign host. 

I stopped the sshd server, started an echo server on the same port, and could even telnet to that server from another machine.

I also set it to allow any user with "PermitRootLogin yes":

root@86d80dc7a3d7:/etc# sshd -T                                                                                                                                    
port 22                                                                                                                                                            
protocol 2                                                                                                                                                         
addressfamily any                                                                                                                                                  
listenaddress 0.0.0.0:22                                                                                                                                           
listenaddress [::]:22                                                                                                                                              
usepam 1                                                                                                                                                           
serverkeybits 1024                                                                                                                                                 
logingracetime 120                                                                                                                                                 
keyregenerationinterval 3600                                                                                                                                       
x11displayoffset 10                                                                                                                                                
maxauthtries 6                                                                                                                                                     
maxsessions 10                                                                                                                                                     
clientaliveinterval 0 
clientalivecountmax 3                                                                                                                                              
permitrootlogin yes                                                                                                                                                
ignorerhosts yes                                                                                                                                                   
ignoreuserknownhosts no                                                                                                                                            
rhostsrsaauthentication no                                                                                                                                         
hostbasedauthentication no                                                                                                                                         
hostbasedusesnamefrompacketonly no                                                                                                                                 
rsaauthentication yes                                                                                                                                              
pubkeyauthentication yes                                                                                                                                           
kerberosauthentication no                                                                                                                                          
kerberosorlocalpasswd yes                                                                                                                                          
kerberosticketcleanup yes                                                                                                                                          
gssapiauthentication no                                                                                                                                            
gssapikeyexchange no                                                                                                                                               
gssapicleanupcredentials yes                                                                                                                                       
gssapistrictacceptorcheck yes                                                                                                                                      
gssapistorecredentialsonrekey no                                                                                                                                   
passwordauthentication yes                                                                                                                                         
kbdinteractiveauthentication no                                                                                                                                    
challengeresponseauthentication no                                                                                                                                 
printmotd no                                                                                                                                                       
printlastlog yes                                                                                                                                                   
x11forwarding yes                                                                                                                                                  
x11uselocalhost yes                                                                                                                                                
permittty yes                                                                                                                                                      
strictmodes yes                                                                                                                                                    
tcpkeepalive yes                                                                                                                                                   
permitemptypasswords no                                                                                                                                            
permituserenvironment no                                                                                                                                           
uselogin no 
compression delayed                                                                                                                                                
gatewayports no                                                                                                                                                    
usedns yes                                                                                                                                                         
allowtcpforwarding yes                                                                                                                                             
useprivilegeseparation yes                                                                                                                                         
pidfile /var/run/sshd.pid                                                                                                                                          
xauthlocation /usr/bin/xauth                                                                                                                                       
ciphers 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,arcfour128,arcfour256,aes128-cbc,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-c
tr,[email protected],[email protected],[email protected]                                                                                     
macs hmac-sha1,hmac-sha1-96,hmac-sha2-256,hmac-sha2-512,hmac-md5,hmac-md5-96,hmac-ripemd160,[email protected],[email protected],[email protected],hma
[email protected],[email protected],[email protected],[email protected],[email protected],[email protected]
m,[email protected],[email protected],[email protected]                                                                                  
versionaddendum                                                                                                                                                    
kexalgorithms diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group-exchange-sha256,ecdh-sha2-nistp256,ecd
h-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group1-sha1,[email protected]                                                                         
loglevel INFO                                                                                                                                                      
syslogfacility AUTH                                                                                                                                                
authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2                                                                                                      
hostkey /etc/ssh/ssh_host_rsa_key                                                                                                                                  
hostkey /etc/ssh/ssh_host_dsa_key                                                                                                                                  
hostkey /etc/ssh/ssh_host_ecdsa_key                                                                                                                                
hostkey /etc/ssh/ssh_host_ed25519_key                                                                                                                              
acceptenv LANG                                                                                                                                                     
acceptenv LC_*                                                                                                                                                     
authenticationmethods                                                                                                                                              
subsystem sftp /usr/lib/openssh/sftp-server                                                                                                                        
maxstartups 10:30:100                                                                                                                                              
permittunnel no                                                                                                                                                    
ipqos lowdelay throughput                                                                                                                                          
rekeylimit 0 0                                                                                                                                                     
permitopen any    

I can't find what is wrong with my configuration. Can someone

Answer 1

Using -d runs sshd in debug mode, in which it will accept only one connection and then exit. Removing -Dd will make it work again:

$(which sshd) -p  433

Also, setting the port in /etc/ssh/sshd_config with the Port option is cleaner than using the command-line option.
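
The single-connection behaviour described in the answer can be recognised from the client side. The following is an added example, not part of the original question or answer: it reads the SSH identification line from a port twice and reports a listener that disappears after the first connection. `read_banner`, `diagnose` and `start_fake_sshd` are hypothetical names, and `start_fake_sshd` is a constructed stand-in for sshd so the check runs offline.

```python
import socket
import threading

def read_banner(host, port, timeout=2.0):
    """Return the server's SSH identification line, or None if no connection is possible."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            data = b""
            while not data.endswith(b"\n") and len(data) < 255:
                chunk = s.recv(64)
                if not chunk:
                    break
                data += chunk
            return data.decode("ascii", "replace").strip()
    except OSError:  # refused, reset or timed out
        return None

def diagnose(host, port):
    """Probe twice: a listener that vanishes after one connection matches sshd -d."""
    first, second = read_banner(host, port), read_banner(host, port)
    if first is None:
        return "not listening"
    if second is None:
        return "one-shot listener (consistent with sshd -d)"
    return "persistent listener"

def start_fake_sshd(one_shot):
    """Constructed stand-in for sshd on a free loopback port (not real sshd)."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    port = srv.getsockname()[1]
    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return
            if one_shot:
                srv.close()  # imitate -d: stop listening once a client is accepted
            conn.sendall(b"SSH-2.0-Constructed_Example\r\n")
            conn.close()
            if one_shot:
                return
    threading.Thread(target=serve, daemon=True).start()
    return port, srv

if __name__ == "__main__":
    for mode in (True, False):
        print(mode, diagnose("127.0.0.1", start_fake_sshd(mode)[0]))
```

Against a real `sshd -d`, the first probe itself uses up the only connection the debug instance will accept, so the daemon has to be restarted afterwards.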