从 systemd 服务启动时 SSH 转发退出

从 systemd 服务启动时 SSH 转发退出

我正在尝试将 SSH 转发配置为 systemd 服务。但它并没有无限期运行,而是退出了。我做错了什么?

Systemd 用户服务

[Unit]
Description=Forwarder Service
After=network.target

[Service]
Type=simple
ExecStart=/usr/bin/ssh -v -L 4444:localhost:4444 -N -T -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes user@host
Restart=always
RestartSec=5s

[Install]
WantedBy=multi-user.target

~.ssh/config

ForwardX11 no
ForwardX11Trusted no

ServerAliveInterval 30
ServerAliveCountMax 2

Host *
    GSSAPIAuthentication yes
    GSSAPIDelegateCredentials no
    ControlMaster auto
    ControlPath ~/.ssh/sockets/%r@%h-%p
    ControlPersist 600

Systemd 日志

Jan 25 19:01:29 localhost systemd[3270]: Started Forwarder Service.
Jan 25 19:01:29 localhost ssh[1410139]: OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f  31 Mar 2020
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Reading configuration data /home/user/.ssh/config
Jan 25 19:01:29 localhost ssh[1410139]: debug1: /home/user/.ssh/config line 23: Applying options for *
Jan 25 19:01:29 localhost ssh[1410139]: debug1: /home/user/.ssh/config line 90: Applying options for host
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Reading configuration data /etc/ssh/ssh_config
Jan 25 19:01:29 localhost ssh[1410139]: debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
Jan 25 19:01:29 localhost ssh[1410139]: debug1: /etc/ssh/ssh_config line 21: Applying options for *
Jan 25 19:01:29 localhost ssh[1410139]: debug1: auto-mux: Trying existing master
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Control socket "/home/user/.ssh/sockets/user@host-22" does not exist
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Connecting to host [xxx.xxx.xxx.xxx] port 22.
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Connection established.
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_rsa type 0
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_rsa-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_dsa type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_dsa-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ecdsa type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ecdsa_sk type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ecdsa_sk-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ed25519 type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ed25519_sk type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_ed25519_sk-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_xmss type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: identity file /home/user/.ssh/id_xmss-cert type -1
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.4
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.10
Jan 25 19:01:29 localhost ssh[1410139]: debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.10 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Authenticating to host:22 as 'user'
Jan 25 19:01:29 localhost ssh[1410139]: debug1: SSH2_MSG_KEXINIT sent
Jan 25 19:01:29 localhost ssh[1410139]: debug1: SSH2_MSG_KEXINIT received
Jan 25 19:01:29 localhost ssh[1410139]: debug1: kex: algorithm: [email protected]
Jan 25 19:01:29 localhost ssh[1410139]: debug1: kex: host key algorithm: ecdsa-sha2-nistp256
Jan 25 19:01:29 localhost ssh[1410139]: debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
Jan 25 19:01:29 localhost ssh[1410139]: debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
Jan 25 19:01:29 localhost ssh[1410139]: debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Server host key: ecdsa-sha2-nistp256 SHA256:******
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Host 'host' is known and matches the ECDSA host key.
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Found key in /home/user/.ssh/known_hosts:5
Jan 25 19:01:29 localhost ssh[1410139]: debug1: rekey out after 134217728 blocks
Jan 25 19:01:29 localhost ssh[1410139]: debug1: SSH2_MSG_NEWKEYS sent
Jan 25 19:01:29 localhost ssh[1410139]: debug1: expecting SSH2_MSG_NEWKEYS
Jan 25 19:01:29 localhost ssh[1410139]: debug1: SSH2_MSG_NEWKEYS received
Jan 25 19:01:29 localhost ssh[1410139]: debug1: rekey in after 134217728 blocks
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_rsa RSA SHA256:******
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_dsa
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_ecdsa
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_ecdsa_sk
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_ed25519
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_ed25519_sk
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Will attempt key: /home/user/.ssh/id_xmss
Jan 25 19:01:29 localhost ssh[1410139]: debug1: SSH2_MSG_EXT_INFO received
Jan 25 19:01:29 localhost ssh[1410139]: debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
Jan 25 19:01:29 localhost ssh[1410139]: debug1: SSH2_MSG_SERVICE_ACCEPT received
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Authentications that can continue: publickey,password
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Next authentication method: publickey
Jan 25 19:01:29 localhost ssh[1410139]: debug1: Offering public key: /home/user/.ssh/id_rsa RSA SHA256:******
Jan 25 19:01:30 localhost ssh[1410139]: debug1: Server accepts key: /home/user/.ssh/id_rsa RSA SHA256:******
Jan 25 19:01:30 localhost ssh[1410139]: debug1: Authentication succeeded (publickey).
Jan 25 19:01:30 localhost ssh[1410139]: Authenticated to host ([xxx.xxx.xxx.xxx]:22).
Jan 25 19:01:30 localhost ssh[1410139]: debug1: Local connections to LOCALHOST:4444 forwarded to remote address localhost:4444
Jan 25 19:01:30 localhost ssh[1410139]: debug1: Local forwarding listening on ::1 port 4444.
Jan 25 19:01:30 localhost ssh[1410139]: debug1: channel 0: new [port listener]
Jan 25 19:01:30 localhost ssh[1410139]: debug1: Local forwarding listening on 127.0.0.1 port 4444.
Jan 25 19:01:30 localhost ssh[1410139]: debug1: channel 1: new [port listener]
Jan 25 19:01:30 localhost ssh[1410139]: debug1: setting up multiplex master socket
Jan 25 19:01:30 localhost ssh[1410139]: debug1: channel 2: new [/home/user/.ssh/sockets/user@host-22]
Jan 25 19:01:30 localhost ssh[1410139]: debug1: control_persist_detach: backgrounding master process
Jan 25 19:01:30 localhost ssh[1410175]: debug1: forking to background
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Entering interactive session.
Jan 25 19:01:30 localhost ssh[1410176]: debug1: pledge: id
Jan 25 19:01:30 localhost ssh[1410176]: debug1: multiplexing control connection
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 3: new [mux-control]
Jan 25 19:01:30 localhost ssh[1410139]: debug1: Requesting forwarding of local forward LOCALHOST:4444 -> localhost:4444
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 4: new [client-session]
Jan 25 19:01:30 localhost ssh[1410176]: debug1: client_input_global_request: rtype [email protected] want_reply 0
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending environment.
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LANG = C.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_ADDRESS = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_IDENTIFICATION = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_MEASUREMENT = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_MONETARY = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_NAME = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_NUMERIC = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_PAPER = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_TELEPHONE = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_TIME = en_US.UTF-8
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Sending env LC_CTYPE = ru_RU.utf8
Jan 25 19:01:30 localhost ssh[1410176]: Welcome to Ubuntu *** LTS (GNU/Linux 4.15.0-132-generic x86_64)
Jan 25 19:01:30 localhost ssh[1410176]:  * Documentation:  ******
Jan 25 19:01:30 localhost ssh[1410176]:  * Management:     ******
Jan 25 19:01:30 localhost ssh[1410176]:  * Support:        ******
Jan 25 19:01:30 localhost ssh[1410176]: 2 updates can be applied immediately.
Jan 25 19:01:30 localhost ssh[1410176]: To see these additional updates run: apt list --upgradable
Jan 25 19:01:30 localhost ssh[1410176]: New release '*** LTS' available.
Jan 25 19:01:30 localhost ssh[1410176]: Run 'do-release-upgrade' to upgrade to it.
Jan 25 19:01:30 localhost ssh[1410176]: You have mail.
Jan 25 19:01:30 localhost ssh[1410176]: debug1: client_input_channel_req: channel 4 rtype exit-status reply 0
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 4: free: client-session, nchannels 5
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 3: free: mux-control, nchannels 4
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 0: free: port listener, nchannels 3
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 1: free: port listener, nchannels 2
Jan 25 19:01:30 localhost ssh[1410176]: debug1: channel 2: free: /home/user/.ssh/sockets/user@host-22, nchannels 1
Jan 25 19:01:30 localhost ssh[1410176]: debug1: fd 2 clearing O_NONBLOCK
Jan 25 19:01:30 localhost ssh[1410176]: Transferred: sent 3384, received 3212 bytes, in 0.3 seconds
Jan 25 19:01:30 localhost ssh[1410176]: Bytes per second: sent 11402.3, received 10822.7
Jan 25 19:01:30 localhost ssh[1410176]: debug1: Exit status 0
Jan 25 19:01:30 localhost systemd[3270]: forward.service: Succeeded.

相关内容