我在 RHEL 5 系统上,连接到另一个 RHEL 5 系统。我使用以下命令创建了 SSH 隧道:ssh -2 -4 -f -x -N -L 1527:远程主机:1527 用户@远程主机
(remote_host 是同一台服务器)
我输入密码后,立即返回到命令提示符。我快速运行“ps axu | grep ssh”来验证并查看刚刚执行的 ssh 命令的进程:
dashbrd 17861 0.0 0.1 68796 13224 ? Ss 12:44 0:00 ssh -2 -4 -f -x -N -L 1527:remote_host:1527 user@remote_host
我认为我的隧道已成功建立。
然后我使用“telnet remote_host 1527”进行测试,但连接失败;挂起几分钟后我才将其关闭。我尝试在本地主机上使用不同的用户进行 telnet 测试(包括我用于建立隧道的用户名),结果是一样的 - 没有连接。
此隧道的目的是连接到 Oracle Listener。因此,我运行转换实用程序;同样无法连接。(是的,我在 tnsnames.ora 文件中正确配置了数据库连接。)
我做错了什么?
答案1
您不需要 telnet 到 remote_host,您可以 telnet 到 localhost。如果您可以直接 telnet 到 remote_host,则不需要端口向前。
telnet localhost 1527
来自 ssh 手册页:
-L [bind_address:]port:host:hostport Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side. This works by allocating a socket to listen to port on the local side, optionally bound to the specified bind_address. Whenever a con- nection is made to this port, the connection is forwarded over the secure channel, and a connection is made to host port hostport from the remote machine. Port forwardings can also be specified in the configuration file. IPv6 addresses can be spec- ified with an alternative syntax: [bind_address/]port/host/hostport or by enclosing the address in square brackets. Only the superuser can forward privileged ports. By default, the local port is bound in accordance with the GatewayPorts setting. However, an explicit bind_address may be used to bind the connection to a specific address. The bind_address of “localhost” indicates that the listening port be bound for local use only, while an empty address or ‘*’ indicates that the port should be available from all interfaces.