我刚刚构建了 4 个彼此相似的 VM,但我不确定为什么其中一个 VM 无法从 SecureCRT 进行 ssh。
主机操作系统为 Windows 10 所有四个 VM 均为 CentOS(两个 Centos 6.8 和两个 Centos 7)
这四个人都能够互相进行 ssh 通信。
我不知道该怎么做才能修复它。所有四台虚拟机上的端口 22 都已打开。
我尝试从 cmd(windows)对每台机器 IP 执行 telnet,对于出现问题的机器,它显示:C:\WINDOWS\system32>telnet 192.168.1.4 22 连接到 192.168.1.4...无法在端口 22 上打开与主机的连接:连接失败 C:\WINDOWS\system32> ssh 肯定在主机上打开了,那么我为什么会收到此消息?–
我很困惑,不知道我需要做什么才能解决这个问题。
[root@agent2 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
23 1575 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
3 252 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
70 11531 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 27 packets, 3669 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
55 8531 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- * enp0s3 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
66 10104 IN_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
9 1799 IN_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public (2 references)
pkts bytes target prot opt in out source destination
75 11903 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 IN_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW
Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@agent2 ~]#
[root@puppet ~]# ss -lntp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 :::5666 :::* users:(("nrpe",3398,5))
LISTEN 0 5 *:5666 *:* users:(("nrpe",3398,4))
LISTEN 0 128 :::111 :::* users:(("rpcbind",1454,11))
LISTEN 0 128 *:111 *:* users:(("rpcbind",1454,8))
LISTEN 0 128 :::80 :::* users:(("httpd",2095,4),("httpd",2122,4),("httpd",2123,4),("httpd",2124,4),("httpd",2125,4),("httpd",2126,4),("httpd",2127,4),("httpd",2128,4),("httpd",2129,4),("httpd",2130,4),("httpd",3148,4),("httpd",4383,4),("httpd",4716,4))
LISTEN 0 128 :::47316 :::* users:(("rpc.statd",1525,11))
LISTEN 0 128 *:51796 *:* users:(("rpc.statd",1525,9))
LISTEN 0 128 :::22 :::* users:(("sshd",1957,4))
LISTEN 0 128 *:22 *:* users:(("sshd",1957,3))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",1580,7))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",1580,6))
LISTEN 0 100 ::1:25 :::* users:(("master",2054,13))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",2054,12))
LISTEN 0 128 :::443 :::* users:(("httpd",2095,6),("httpd",2122,6),("httpd",2123,6),("httpd",2124,6),("httpd",2125,6),("httpd",2126,6),("httpd",2127,6),("httpd",2128,6),("httpd",2129,6),("httpd",2130,6),("httpd",3148,6),("httpd",4383,6),("httpd",4716,6))
[root@puppet ~]#