无法从外部 SSH

tag-icon tag-icon linux ssh firewall centos-7 selinux
无法从外部 SSH

我在 TP Link 路由器后面有一台 CentOS 7.5 机器。

我已在路由器中启用端口转发(并重新启动)。

然而,由于某种原因,我可以 ping 通路由器,但无法通过端口 22 telnet 或 ssh 到该机器。

$ telnet [public IP] 22
Trying [public IP]...
telnet: connect to address [public IP]: Connection refused

$ ssh root@[public IP]
ssh: connect to host [public IP] port 22: Connection refused

我也尝试了另一个用户,但得到的结果是一样的。

我确实停止了firewall.d:

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: inactive (dead) since Tue 2018-05-22 10:20:42 CST; 4min 26s ago
     Docs: man:firewalld(1)
  Process: 733 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
 Main PID: 733 (code=exited, status=0/SUCCESS)

May 21 00:49:14 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall daemon...
May 21 00:49:14 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.
May 22 10:20:41 localhost.localdomain systemd[1]: Stopping firewalld - dynamic firewall daemon...
May 22 10:20:42 localhost.localdomain systemd[1]: Stopped firewalld - dynamic firewall daemon.

我确实暂时禁用了 SELinux:

[root@localhost ~]# setenforce 0
[root@localhost ~]# sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      31

sshd 确实正在运行:

[root@localhost ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2018-05-22 10:42:03 CST; 8min ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 11861 (sshd)
    Tasks: 1
   CGroup: /system.slice/sshd.service
           └─11861 /usr/sbin/sshd -D

May 22 10:42:03 localhost.localdomain systemd[1]: Starting OpenSSH server daemon...
May 22 10:42:03 localhost.localdomain sshd[11861]: Server listening on :: port 22.
May 22 10:42:03 localhost.localdomain sshd[11861]: Server listening on 0.0.0.0 port 22.
May 22 10:42:03 localhost.localdomain systemd[1]: Started OpenSSH server daemon.

任何想法?

相关内容