firewall-cmd 显示 ssh 已启用,但来自客户端的 nmap 显示端口 22 已关闭(连接被拒绝)

firewall-cmd 显示 ssh 已启用,但来自客户端的 nmap 显示端口 22 已关闭(连接被拒绝)

新安装的 RHEL8 已安装、启用并运行 openssh-server。

firewall-cmd 显示服务 ssh 已添加:

[[email protected] ]# firewall-cmd --list-services
cockpit ssh 

netstat -anp | grep 22显示服务器正在监听 0:0:0:0:22

service sshd status显示相同(侦听端口 22)

nmap -sSV -O -p 22 localhost(从 new.rhel.server 发出)显示端口 22 已打开

我能够ssh localhost成功地访问 new.rhel.server 。服务器具有互联网连接。

当我尝试这样做时,我立即收到“连接被拒绝”错误。ssh [email protected]

me@laptop ~ $ ssh -vvv new.rhel.server
OpenSSH_8.2p1 Ubuntu-4ubuntu0.5, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolving "new.rhel.server" port 22
debug2: ssh_connect_direct
debug1: Connecting to new.rhel.server [1.2.3.4] port 22.
debug1: connect to address 1.2.3.4 port 22: Connection refused
ssh: connect to host new.rhel.server port 22: Connection refused

nmap -sSV -O -p 22 new.rhel.server(从我的笔记本电脑发出)显示端口 22 实际上是关闭

Starting Nmap 7.80 ( https://nmap.org ) at 2022-09-21 17:27 EDT
Nmap scan report for new.rhel.server (1.2.3.4)
Host is up (0.000051s latency).

PORT   STATE  SERVICE VERSION
22/tcp closed ssh
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.05 seconds

这让我难住了。为什么 nmap 显示端口已关闭,而服务器报告端口已打开?

答案1

现在这正在发挥作用。由于未知原因,sshd_config 中的端口行被注释掉。

# If you want to change the port on a SELinux system, you have to tell
# SELinux about this change.
# semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
#
#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

将其更改为

#
Port 22
#AddressFamily any

然后重新启动 sshd 解决了这个问题。

这是 RHEL 的全新安装,不知道为什么默认情况下会注释掉 Port 行。

相关内容