尝试连接到 Windows 计算机上的 OpenSSH 时出现“ssh_exchange_identification:读取:对等方重置连接”错误

tag-icon tag-icon windows-server-2008 ssh
尝试连接到 Windows 计算机上的 OpenSSH 时出现“ssh_exchange_identification:读取:对等方重置连接”错误

我正在尝试在 Windows2k8 服务器上设置 SSH 服务器。我使用了以下说明这里。以下是详细输出:

steves-air:~ steve$ ssh [email protected] -v
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to mydomain.ca port 22.
debug1: Connection established.
debug1: identity file /Users/steve/.ssh/id_rsa type -1
debug1: identity file /Users/steve/.ssh/id_rsa-cert type -1
debug1: identity file /Users/steve/.ssh/id_dsa type -1
debug1: identity file /Users/steve/.ssh/id_dsa-cert type -1
debug1: identity file /Users/steve/.ssh/id_ecdsa type -1
debug1: identity file /Users/steve/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/steve/.ssh/id_ed25519 type -1
debug1: identity file /Users/steve/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/steve/.ssh/id_xmss type -1
debug1: identity file /Users/steve/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
ssh_exchange_identification: read: Connection reset by peer

到目前为止,我能够建立网络连接,这表明这不是防火墙问题。作为测试,我还尝试在 cygwin 下运行 sshd。我能够通过它获得终端提示。不过,我更喜欢使用 OpenSSH,因为我想让它与 powershell 一起工作。

我尝试将日志级别设置为 DEBUG,但没有从那里获得任何其他故障排除信息。

我将非常感激任何指导。

*编辑:我刚刚意识到我应该提一下。我尝试将 hosts.allow 文件放在 %programdata%/ssh 目录中。这没有帮助,我不确定它是否适用于这种情况。

*edit2:我尝试按照故障排除步骤以交互模式运行 sshd这里。当我尝试连接时,Windows 出现应用程序崩溃。这是崩溃前的输出:

PS C:\Program Files\OpenSSH> .\sshd.exe -d
debug1: sshd version OpenSSH_for_Windows_7.9, LibreSSL 2.6.5
debug1: private host key #0: ssh-rsa SHA256:XXX
debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:XXX
debug1: private host key #2: ssh-ed25519 SHA256:XXX
debug1: rexec_argv[0]='C:\\Program Files\\OpenSSH\\sshd.exe'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.1.39 port 51410 on 192.168.1.3 port 22
debug1: Client protocol version 2.0; client software version 
OpenSSH_7.9
debug1: match: OpenSSH_7.9 pat OpenSSH* compat 0x04000000
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.9
debug1: monitor_read_log: child log fd closed
debug1: do_cleanup
debug1: Killing privsep child 10684

答案1

答案似乎是“你无法从这里到达那里”。我在 git 上找到了一个已关闭的问题,上面写着不支持 w2k8 标准。我尝试在另一台装有 2k8R2 的服务器上安装,并且安装很顺利。

答案2

如果没有其他方法,请检查这个。

在 的帮助下我能够找到根本原因systemctl status sshd

我的/etc/hosts.deny最后没有换行符。

➜  ~ cat /etc/hosts.deny       
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "rpcbind" for the
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
#
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID%                                                                                                                                                                                                     ➜  ~ 
➜  ~ ssh localhost             
ssh_exchange_identification: read: Connection reset by peer
➜  ~ 
➜  ~ sudo systemctl status sshd 
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: active (running) since Mon 2019-10-14 16:45:43 IST; 20s ago
  Process: 11488 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
 Main PID: 11494 (sshd)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/ssh.service
           └─11494 /usr/sbin/sshd -D

Oct 14 16:45:43 mani-8681 systemd[1]: Starting OpenBSD Secure Shell server...
Oct 14 16:45:43 mani-8681 sshd[11494]: Server listening on 0.0.0.0 port 22.
Oct 14 16:45:43 mani-8681 sshd[11494]: Server listening on :: port 22.
Oct 14 16:45:43 mani-8681 systemd[1]: Started OpenBSD Secure Shell server.
Oct 14 16:45:54 mani-8681 sshd[11555]: warning: /etc/hosts.deny, line 15: missing newline or line too long
Oct 14 16:45:54 mani-8681 sshd[11555]: warning: /etc/hosts.deny, line 15: all the subsequent rules will be ignored
Oct 14 16:45:54 mani-8681 sshd[11555]: refused connect from 127.0.0.1 (127.0.0.1)

最后添加换行符即可解决问题。

➜  ~ cat /etc/hosts.deny
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system.
#                  See the manual pages hosts_access(5) and hosts_options(5).
#
# Example:    ALL: some.host.name, .some.domain
#             ALL EXCEPT in.fingerd: other.host.name, .other.domain
#
# If you're going to protect the portmapper use the name "rpcbind" for the
# daemon name. See rpcbind(8) and rpc.mountd(8) for further information.
#
# The PARANOID wildcard matches any host whose name does not match its
# address.
#
# You may wish to enable this to ensure any programs that don't
# validate looked up hostnames still leave understandable logs. In past
# versions of Debian this has been the default.
# ALL: PARANOID
➜  ~ ssh localhost date
Password:
Mon Oct 14 16:51:56 IST 2019

答案3

无论如何,你可以尝试 Cygwin 的 OpenSSH 端口。如果你只是想检查一下它是否有效,你可以试试这个:

https://github.com/Bill-Stewart/CygSSH

但是,它确实需要 Vista/Server 2008 上的 Windows PowerShell v2,因此您需要先安装它(希望您已经安装过了)。

相关内容