昨天突然发现,当我连接到办公室的 VPN 时,我无法从家里 ssh 访问任何服务器。我检查过的所有服务器都出现了这个问题,无论它们位于办公室网络内还是网络外。
以下是ssh -vvv功能案例的输出——不是连接到 VPN — 直到开始进入安全协议:
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/me/.ssh/config
debug1: /Users/me/.ssh/config line 93: Applying options for server_shortname
debug1: /Users/me/.ssh/config line 119: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Control socket "/Users/me/.ssh/[email protected]:22" does not exist
debug1: Connecting to server.com port 22.
debug1: Connection established.
debug1: identity file /Users/me/.ssh/id_rsa type 0
debug1: identity file /Users/me/.ssh/id_rsa-cert type -1
debug1: identity file /Users/me/.ssh/id_dsa type -1
debug1: identity file /Users/me/.ssh/id_dsa-cert type -1
debug1: identity file /Users/me/.ssh/id_ecdsa type -1
debug1: identity file /Users/me/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/me/.ssh/id_ed25519 type -1
debug1: identity file /Users/me/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/me/.ssh/id_xmss type -1
debug1: identity file /Users/me/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to server.com:22 as 'username'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
...
以下是不起作用的情况的结果(当我是已连接到 VPN):
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /Users/me/.ssh/config
debug1: /Users/me/.ssh/config line 93: Applying options for server_shortname
debug1: /Users/me/.ssh/config line 119: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Control socket "/Users/me/.ssh/[email protected]:22" does not exist
debug1: Connecting to server.com port 22.
debug1: Connection established.
debug1: identity file /Users/me/.ssh/id_rsa type 0
debug1: identity file /Users/me/.ssh/id_rsa-cert type -1
debug1: identity file /Users/me/.ssh/id_dsa type -1
debug1: identity file /Users/me/.ssh/id_dsa-cert type -1
debug1: identity file /Users/me/.ssh/id_ecdsa type -1
debug1: identity file /Users/me/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/me/.ssh/id_ed25519 type -1
debug1: identity file /Users/me/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/me/.ssh/id_xmss type -1
debug1: identity file /Users/me/.ssh/id_xmss-cert type -1
write: Software caused connection abort
可能相关的信息:
- 我的机器正在运行 macOS Mojave 10.14.6。
- 我使用 Tunnelblick 3.8.4(版本 5600)连接到 VPN。
- 从上次成功到开始失败之间,我不记得有任何软件更新或配置更改会导致出现问题。
- 我办公室的 VPN 的其他用户似乎没有遇到同样的问题。
- 在我的计算机重新启动后,这种情况仍然存在。
- 我可以正常连接到网络。
答案1
原来导致连接中断的软件是 TripMode,它确实是为中断连接而设计的!我已将其设置为仅允许白名单中的应用/进程在连接到办公室的 VPN 时访问互联网。我的终端应用 (iTerm) 最近更新添加了某种新的后台进程 iTermServer-3.4.1,我还需要加入白名单。完成后,问题就解决了。