无法通过网络连接到 ssh

tag-icon tag-icon ssh
无法通过网络连接到 ssh

##概述 我无法通过 ssh 连接到主机。我有 2 台 Mac,都使用同一个 WiFi。MacA可以连接到 VPN 并通过 WiFi ssh 进入机器。MacB可以连接到 VPN,但不能 ssh。

两台机器都有相同的.pem文件,在相同的位置,权限设置为chmod 400-r--------)。两台机器也都有相同的~/.ssh/config文件。

从我所做的调查来看,这似乎不是服务器问题,我认为这是 MacB及其网络设置的问题。

工作机器-MacA

OpenSSH_7.2p2, OpenSSL 1.0.2h  3 May 2016
debug1: Reading configuration data /Users/?/.ssh/config
debug1: /Users/?/.ssh/config line 8: Applying options for *
debug1: /Users/?/.ssh/config line 21: Applying options for *.internal
debug2: add_identity_file: ignoring duplicate key ~/.ssh/innometrics.pem
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: resolving "ip-10-0-4-139.eu-west-1.compute.internal" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to ip-10-0-4-139.eu-west-1.compute.internal [10.0.4.139] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.

故障机器--MacB

运行时ssh -vvv ipaddress.eu-west-1.compute.internal我得到以下信息:

OpenSSH_7.2p2, OpenSSL 1.0.2h  3 May 2016
debug1: Reading configuration data /Users/username/.ssh/config
debug1: /Users/username/.ssh/config line 8: Applying options for *
debug1: /Users/username/.ssh/config line 21: Applying options for *.internal
debug2: add_identity_file: ignoring duplicate key ~/.ssh/username.pem
debug1: Reading configuration data /usr/local/etc/ssh/ssh_config
debug2: resolving "ipaddress.eu-west-1.compute.internal" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to ipaddress.eu-west-1.compute.internal [xx.x.x.xxx] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: connect to address xx.x.x.xxx port 22: Operation timed out
ssh: connect to host ipaddress.eu-west-1.compute.internal port 22: Operation timed out

它做什么fd 3 setting O_NONBLOCK?我了解到它fd 3正在寻找文件描述符 #3,并且在我的计算机上找到了该目录。为什么它会在这里超时?

这似乎不是一个 DNS 问题,因为我提供的 DNS 名称被解析为正确的 AWS IP。

额外细节

Firewall: Off

无线网络设置

Using DHCP
DNS Servers: 192.168.1.1
NetBIOS Name: IP-192-168-1-63 (IP-192-168-1-63 is currently being used)
Hardware configured automatically, MTU 1500

来自/etc/ssh/ssh_config唯一活跃的部分:

 Host *
   SendEnv LANG LC_*
   HashKnownHosts yes
   GSSAPIAuthentication yes
   GSSAPIDelegateCredentials no

同样来自/etc/ssh/sshd_config

UseDNS no
UsePrivilegeSeparation sandbox
AuthorizedKeysFile  .ssh/authorized_keys

工作机器也有,XAuthLocation /opt/X11/bin/xauth但我不知道这是否相关。

我尝试过有线连接但也不工作。

如果需要的话,我可以发布更多信息。

更新 #1

我已经重新安装了 openssh 和 open ssl。/usr/local/bin/显示了已安装版本的正确符号链接。我没有错误地使用旧版本。

我已经运行过ifconfig以比较 wifi 网络接口。我也运行过/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport -I en1以对其进行更深入的挖掘。不过一切看起来都很正常。

更新 #2

route -n get dnsnamehere正在运行A

17:36 $ route -n get ip-10-0-2-121.eu-west-1.compute.internal
  route to: xx.x.x.xxx
destination: xx.x.x.xxx
 interface: ppp0
     flags: <UP,HOST,DONE,WASCLONED,IFSCOPE,IFREF>
recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
      0         0         0        52         2         0      1444         0

运行相同的操作B

17:31 $ route -n get ip-10-0-2-121.eu-west-1.compute.internal
   route to: xx.x.x.xxx
destination: xx.x.x.xxx
    gateway: 192.168.1.1
  interface: en0
      flags: <UP,GATEWAY,HOST,DONE,WASCLONED,IFSCOPE,IFREF>
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1453         0

我们也有一台机器C的结果与 类似A。看起来坏机器是通过 wifien0而不是 VPN 进行路由的(ppp0)?如果是这种情况,我该如何修复?

答案1

首先刷新所有网关条目的路由表:

sudo route flush

然后将所有属于以下类别的流量路由10/16ppp0

sudo route add -host 10.0.0.0 -netmask 255.255.0.0 -interface ppp0

相关内容