突然间,我无法通过 ssh 连接到任何机器。我以为是我的路由器/网络问题,我尝试了不同的网络,但结果是一样的。我在服务器和客户端上都进行了 tcp 转储,发现校验和不正确。客户端使用的是 MacOS 10.12.6,服务器运行的是 Ubuntu。
以下是服务器和客户端的 TCP 转储。
服务器
sudo tcpdump -n -vvv -n dst host 59.90.xxx.xxx
06:51:41.285561 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0b7d), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107257724 ecr 875004811,nop,wscale 7], length 0
06:51:42.287868 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0a82), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107257975 ecr 875004811,nop,wscale 7], length 0
06:51:42.288005 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0a82), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107257975 ecr 875004811,nop,wscale 7], length 0
06:51:43.361309 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0976), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107258243 ecr 875004811,nop,wscale 7], length 0
06:51:44.343178 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0881), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107258488 ecr 875004811,nop,wscale 7], length 0
06:51:45.302310 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0791), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107258728 ecr 875004811,nop,wscale 7], length 0
06:51:46.302969 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x0697), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107258978 ecr 875004811,nop,wscale 7], length 0
06:51:48.303906 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x04a2), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107259479 ecr 875004811,nop,wscale 7], length 0
06:51:48.316328 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x049f), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107259482 ecr 875004811,nop,wscale 7], length 0
06:51:52.367888 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
10.128.x.xx.22 > 59.90.xxx.xxx.54341: Flags [S.], cksum 0xb1fb (incorrect -> 0x00aa), seq 1875710046, ack 3542782445, win 28160, options [mss 1420,sackOK,TS val 1107260495 ecr 875004811,nop,wscale 7], length 0
客户
sudo tcpdump -n -vvv port 22
12:21:41.114101 IP (tos 0x0, ttl 64, id 53772, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x3816 (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875004811 ecr 0,sackOK,eol], length 0
12:21:42.117525 IP (tos 0x0, ttl 64, id 29056, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x342e (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875005811 ecr 0,sackOK,eol], length 0
12:21:43.123706 IP (tos 0x0, ttl 64, id 27897, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x3046 (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875006811 ecr 0,sackOK,eol], length 0
12:21:44.126723 IP (tos 0x0, ttl 64, id 15522, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x2c5e (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875007811 ecr 0,sackOK,eol], length 0
12:21:45.130005 IP (tos 0x0, ttl 64, id 52435, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x2876 (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875008811 ecr 0,sackOK,eol], length 0
12:21:46.133002 IP (tos 0x0, ttl 64, id 39289, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x248e (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875009811 ecr 0,sackOK,eol], length 0
12:21:48.143329 IP (tos 0x0, ttl 64, id 36640, offset 0, flags [DF], proto TCP (6), length 64)
192.168.1.5.54341 > 35.193.xx.xx.22: Flags [S], cksum 0x1cbe (correct), seq 3542782444, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 875011811 ecr 0,sackOK,eol], length 0
服务器的 auth.log 中没有任何内容出现。
tx-checksumming:服务器上开启
//不同机器日志
ssh -i ~/.ssh/prod_dev_oregon.pem [email protected] -vvv
OpenSSH_7.4p1, LibreSSL 2.5.0
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolving "35.160.xx.xx" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 35.160.xx.xx [35.160.xx.xx] port 22.
debug1: connect to address 35.160.xx.xx port 22: Operation timed out
ssh: connect to host 35.160.xx.xx port 22: Operation timed out
在 SO 上提出这个问题。https://stackoverflow.com/posts/45454459。得到了这样的建议:这就是正确的地方。