更新至 Fedora 35 后,使用 ProxyCommand 的 SSH 失败

tag-icon tag-icon ssh fedora
更新至 Fedora 35 后,使用 ProxyCommand 的 SSH 失败

我使用的命令如下:

ssh -o ProxyCommand='ncat --proxy-type socks5 --proxy 127.0.0.1:3744 %h %p' [email protected]

自从更新到 Fedora 35 以来,连接失败并显示错误消息

kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

我确认代理在 Web 浏览器中仍然有效。使用另一台计算机或在容器中使用 Fedora 34 时,与服务器的连接仍然有效。在容器中使用 Fedora 35 时会失败。我也可以使用其他服务器重现结果。

详细输出似乎没有帮助

OpenSSH_8.7p1, OpenSSL 1.1.1l  FIPS 24 Aug 2021
debug1: Reading configuration data /home/me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /home/me/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/50-redhat.conf
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: Executing proxy command: exec ncat -v --proxy-type socks5 --proxy 127.0.0.1:3744 example.com 22
debug1: identity file /home/me/.ssh/id_rsa type 0
debug1: identity file /home/me/.ssh/id_rsa-cert type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: identity file /home/me/.ssh/id_dsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa type -1
debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/me/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/me/.ssh/id_ed25519 type -1
debug1: identity file /home/me/.ssh/id_ed25519-cert type -1
debug1: identity file /home/me/.ssh/id_ed25519_sk type -1
debug1: identity file /home/me/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/me/.ssh/id_xmss type -1
debug1: identity file /home/me/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.7
Ncat: Version 7.91 ( https://nmap.org/ncat )
Ncat: Connected to proxy 127.0.0.1:3744
Ncat: No authentication needed.
Ncat: Host example.com will be resolved by the proxy.
Ncat: connection succeeded.
Ncat: 0 bytes sent, 0 bytes received in 0.04 seconds.
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

答案1

有同样的问题。fedora 35 中的 nmap-ncat 似乎出了问题(即 nmap-ncat-7.91-8.fc35.x86_64)

作为一种解决方法,您可以使用 netcat-1.218-2.fc35.x86_64

或直接安装rpm -vhU https://nmap.org/dist/ncat-7.92-1.x86_64.rpm

https://nmap.org/download.html

相关内容