SSH tunnel does not allow me to SSH through it

I have set up a remote server to automatically connect back to a local server using autossh:

sudo autossh -M 10984 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/.ssh/nopwd -R 6666:localhost:22 @ -p &

I have set up the above autossh command in rc.local:

#!/bin/sh -e
#
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
autossh -M 10984 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/.ssh/nopwd -R 6666:localhost:22 <username>@<domain> -p portNumber &
exit 0

Then I created an rc-local service:

sudo vi /etc/systemd/system/rc-local.service

#add the following lines
[Unit]
Description=/etc/rc.local Compatibility
ConditionPathExists=/etc/rc.local

[Service]
Type=forking
ExecStart=/etc/rc.local start
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
SysVStartPriority=99

[Install]
WantedBy=multi-user.target

Then I told the service to run on every boot:

sudo systemctl enable rc-local

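The remote server reconnects via ssh at boot and then successfully maintains the connection:

Netstat shows:

tcp 0 0 0.0.0.0:6666 0.0.0.0:* LISTEN 22542/sshd

Now I try to connect to 6666 on the local server:

ssh [email protected] -p 6666

I get the following error:

ssh_exchange_identification: read: Connection reset by peer

When I run ssh with the -vvv option, I get the following debug log: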

# ssh -vvv 127.0.0.1 -p 6666
OpenSSH_7.6p1 Debian-2, OpenSSL 1.0.2l  25 May 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "127.0.0.1" port 6666
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 6666.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Debian-2
ssh_exchange_identification: read: Connection reset by peer

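However, if I kill the ssh connections on both ends (local and remote) and then re-establish the reverse ssh connection from the remote server:

autossh -M 10984 -N -f -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /root/.ssh/nopwd -R 6666:localhost:22 @ -p portNumber &

The tunnel is established successfully. I can then successfully ssh via 127.0.0.1 -p 6666.

ssh [email protected] -p 6666
Last login: Sun Dec 17 10:50:29 2017 from ::1

I need this to work at boot without manual intervention. What am I doing wrong?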
