我正尝试通过(无线)局域网从我的一台计算机 A SSH 到另一台计算机 B。它们具有相同的网络掩码,以相同的方式获得租约等。客户端 A 是 Devuan Linux,“服务器”B 是 Windows 10 计算机,运行 Cygwin 的 SSH 服务器。我应该提到 B 上安装了许多由我的雇主(一家大公司)安装的企业间谍软件/恶意软件/任何东西。
现在,我可以通过 SSH 从 B 连接到它自己,从 A 连接到它自己(ssh localhost
在两台机器上都可以正常工作),以及从 B 连接到 A - 非常快。当我从 A nmap B 时,需要花费大量时间,但最终结果会出现,端口 22 被列为开放。当我尝试通过 SSH 从 A 连接到 B 时,在为 B 上的我的用户添加公共用户(这样就无需输入密码)后,连接大约需要 100 秒。如果我断开连接并重新连接,延迟仍然相似
我在 A 上有根权限,在 B 上是管理员。我该怎么做才能查明连接失败的原因并启用它(无需重新安装 Windows 的部分功能、更改驱动程序等 - 这是我不允许做的)?
附加信息:
$ nmap 192.168.1.7 -p 22 -Pn -sV
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-08 22:27 IDT
Nmap scan report for 192.168.1.7
Host is up (0.064s latency).
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2 (protocol 2.0)
Service detection performed. Please report any incorrect results at (URL SNIPPED).
Nmap done: 1 IP address (1 host up) scanned in 3.86 seconds
并且:
$ ssh -vv [email protected]
OpenSSH_8.0p1 Debian-6, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /home/joeuser/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.1.7 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.1.7 [192.168.1.7] port 22.
debug1: Connection established.
debug1: identity file /home/joeuser/.ssh/id_rsa type 0
debug1: identity file /home/joeuser/.ssh/id_rsa-cert type -1
debug1: identity file /home/joeuser/.ssh/id_dsa type 1
debug1: identity file /home/joeuser/.ssh/id_dsa-cert type -1
debug1: identity file /home/joeuser/.ssh/id_ecdsa type 2
debug1: identity file /home/joeuser/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/joeuser/.ssh/id_ed25519 type -1
debug1: identity file /home/joeuser/.ssh/id_ed25519-cert type -1
debug1: identity file /home/joeuser/.ssh/id_xmss type -1
debug1: identity file /home/joeuser/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.0p1 Debian-6
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2
debug1: match: OpenSSH_8.2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.1.7:22 as '123456'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:a0D2ZMccMC0ixetNhUYcsSvIz5ElYHA73ZBVbcbYo0s
debug1: Host '192.168.1.7' is known and matches the ECDSA host key.
debug1: Found key in /home/joeuser/.ssh/known_hosts:101
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Skipping ssh-dss key /home/joeuser/.ssh/id_dsa - not in PubkeyAcceptedKeyTypes
debug1: Will attempt key: /home/joeuser/.ssh/id_rsa RSA SHA256:V1OMM1prAT2pmIi6jPpCANaB3+oIrY0n4eAHoxuNW94 agent
debug1: Will attempt key: /home/joeuser/.ssh/id_ecdsa ECDSA SHA256:IhdLYNaDrqcQjxpRmPW/ppA3u3R5koPudZMDcRy/y6w agent
debug1: Will attempt key: /home/joeuser/.ssh/id_ed25519
debug1: Will attempt key: /home/joeuser/.ssh/id_xmss
debug2: pubkey_prepare: done
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,[email protected],ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected]>
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key: /home/joeuser/.ssh/id_rsa RSA SHA256:V1OMM1prAT2pmIi6jPpCANaB3+oIrY0n4eAHoxuNW94 agent
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: /home/joeuser/.ssh/id_rsa RSA SHA256:V1OMM1prAT2pmIi6jPpCANaB3+oIrY0n4eAHoxuNW94 agent
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.1.7 ([192.168.1.7]:22).
debug1: channel 0: new [client-session]
debug2: channel 0: send open
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Remote: /home/123456/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/123456/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug1: Sending environment.
debug1: Sending env LANG = en_IL
debug2: channel 0: request env confirm 0
debug2: channel 0: request shell confirm 1
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Last login: Fri May 8 23:38:58 2020 from 192.168.1.5
长时间的停顿之后:
- “本地版本字符串”,
- “我们发送了一个公钥包”
- “服务器接受密钥...RSA”
- “通道 0:打开确认 rwindow 0 rmax 32768”
- “上次登录”