Intensive SSH tunneling makes the sshd service close the connection, while manually running /usr/sbin/sshd does not

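The SSH server runs CentOS 7, and I connect to it from Windows 10 via PuTTY.

I have to work around some VPN setup, so I set up a large number of SSH tunnels (about 2000 address:port combinations); in fact, I had to add a ulimit -n 8192 command to my profile (via a script in /etc/profile.d/) to make it work.

I actually have a working solution, which is to start the sshd server manually via /usr/sbin/sshd (I actually run it with -ddd for debugging). The problem is that I would rather not do this every time.

To replicate what /usr/sbin/sshd is doing, I tried raising nofiles in /etc/security/limits.conf to 8192, enabling UsePAM yes in /etc/ssh/sshd_config, and editing /etc/pam.d/sshd by adding session required pam_limits.so. Obviously, I restart the sshd service every time I make such an attempt, but so far I have had no luck.

Here are some logs to give you more insight.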

debug3: mm_request_send entering: type 26 [preauth]
debug3: mm_send_keystate: Finished sending state [preauth]
debug3: mm_request_send entering: type 122 [preauth]
debug3: mm_request_receive_expect entering: type 123 [preauth]
debug3: mm_request_receive entering [preauth]
debug1: monitor_read_log: child log fd closed
debug3: ssh_sandbox_parent_finish: finished
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
debug1: restore_uid: 0/0
debug1: SELinux support enabled
debug3: sshd_selinux_setup_variables: setting execution context
debug1: PAM: establishing credentials
debug3: PAM: opening session

----- SSHD SERVICE WON'T LOG ANYTHING BELOW THIS, THROWING A "Remote side closed unexpectedly"
      ERROR ON CLIENT SIDE. THE FOLLOWING ONLY HAPPENS IF I RUN /usr/sbin/sshd -ddd -----

debug3: PAM: sshpam_store_conv called with 1 messages
debug3: PAM: sshpam_store_conv called with 1 messages
debug3: monitor_apply_keystate: packet_set_state
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: ssh_packet_set_postauth: called
debug3: ssh_packet_set_state: done
debug3: notify_hostkeys: key 0: ssh-rsa SHA256:AEtENG9MRdKc/NfzGmydDXE/ZSC9m/qIgyLoCpnFi8U
debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:xyJC+3p5j0bvYmp64A3s6oryCFIPe8PIP9jWQtjNTxk
debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:XsT2mEz/PUObqWI4+5fLE8gpyhqKXf7ij0/peOhF+WI
debug3: notify_hostkeys: sent 3 hostkeys
debug3: send packet: type 80
debug1: Entering interactive session for SSH2.
debug2: fd 5 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: server_init_dispatch

----- THEN IT BEGINS ALL THE TUNNEL FORWARDING PART, REPEATING 
      THE FOLLOWING BLOCK OF LOGS FOR EACH ADDRESS/PORT COMBINATION -----

debug3: receive packet: type 80
debug1: server_input_global_request: rtype tcpip-forward want_reply 1
debug1: server_input_global_request: tcpip-forward listen  port <NUMBER-OF-PORT>
debug3: channel_setup_fwd_listener_tcpip: type 11 wildcard 0 addr NULL
debug3: sock_set_v6only: set socket 8 IPV6_V6ONLY
debug1: Local forwarding listening on ::1 port <NUMBER-OF-PORT>.
debug2: fd 8 setting O_NONBLOCK
debug3: fd 8 is O_NONBLOCK
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port <NUMBER-OF-PORT>.
debug2: fd 9 setting O_NONBLOCK
debug3: fd 9 is O_NONBLOCK
debug1: channel 1: new [port listener]
debug3: send packet: type 81

----- AND FINALLY, AFTER ALL THE PORTS -----

debug3: receive packet: type 90
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
debug1: input_session_request
debug1: channel 7142: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 7142
debug1: session_open: session 0: link with channel 7142
debug1: server_input_channel_open: confirm session
debug3: send packet: type 91
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 7142 request pty-req reply 1
debug1: session_by_channel: session 0 channel 7142
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/pts/13
debug1: SELinux support enabled
debug3: ssh_selinux_setup_pty: setting TTY context on /dev/pts/13
debug3: ssh_selinux_setup_pty: done
debug3: send packet: type 99
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 7142 request shell reply 1
debug1: session_by_channel: session 0 channel 7142
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/13 for root from 192.168.1.7 port 54369 id 0
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug2: channel 7142: rfd 7154 isatty
debug2: fd 7154 setting O_NONBLOCK
debug3: fd 7150 is O_NONBLOCK
debug3: send packet: type 99
debug1: Setting controlling tty using TIOCSCTTY.

How can I achieve the same thing with the sshd service?
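
One way to check which open-file limit a given sshd process actually runs with, compared with the descriptors the forwards need; this is an added example, not part of the original post. It reads text in /proc/<pid>/limits format; the function names, the overhead figure of 16 and the sample limits text are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post.

# Soft "Max open files" value from a file in /proc/<pid>/limits format.
soft_nofile() {
    awk '/^Max open files/ { print $4 }' "$1"
}

# Descriptors needed for N forwarded ports. The log above shows two
# listeners per port (::1 and 127.0.0.1); the overhead of 16 for the
# session's own descriptors is an assumption.
fds_needed() {
    echo $(( $1 * 2 + 16 ))
}

# Print a verdict for one limits file; exit status 0 if the limit suffices.
check_limit() {
    limit=$(soft_nofile "$1")
    need=$(fds_needed "$2")
    if [ "$limit" = "unlimited" ] || [ "$limit" -ge "$need" ]; then
        echo "ok limit=$limit need=$need"
    else
        echo "too_low limit=$limit need=$need"
        return 1
    fi
}

# Check every running sshd process (run as root on the server).
check_running_sshd() {
    for pid in $(pgrep -x sshd); do
        printf 'pid %s: ' "$pid"
        check_limit "/proc/$pid/limits" "$1" || true
    done
}

# Constructed sample in /proc/<pid>/limits format, so the example runs offline.
sample_limits() {
    cat <<'EOF'
Limit                     Soft Limit           Hard Limit           Units
Max processes             15066                15066                processes
Max open files            1024                 4096                 files
EOF
}

# Demo on the constructed sample: 2000 forwards, as in the post.
tmp=$(mktemp); sample_limits > "$tmp"
check_limit "$tmp" 2000 || true
rm -f "$tmp"
```

On the server, calling check_running_sshd 2000 as root once with sshd started by the service and once with it started by hand shows whether the two processes run with different limits.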
