以下是我的 ssh 配置文件。
# ~/.ssh/config
$ cat config
Host myproxy
HostName proxy.server.com
User proxyuser
GSSAPIAuthentication no
ControlPath /tmp/%r@%h:%p
ControlMaster auto
ControlPersist 10h
Host target
HostName target.server.com
User targetuser
ProxyJump myproxy
GSSAPIAuthentication yes
StrictHostKeyChecking no
IdentityFile ~/.ssh/id_rsa.service
当我ssh myproxy
在本地笔记本电脑上运行时,它成功了。
$ ssh -vvv myproxy
OpenSSH_8.6p1, LibreSSL 2.8.3
debug1: Reading configuration data /Users/user/.ssh/config
debug1: /Users/user/.ssh/config line 10: Applying options for myproxy
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/user/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/user/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_forwards: request forwardings: 0 local, 0 remote
debug3: mux_client_request_session: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 66279
debug3: mux_client_request_session: session request sent
debug1: mux_client_request_session: master session id: 2
proxyuser@proxy-bastion-prod:~:
当我ssh -i ~/.ssh/id_rsa.service target.server.com
在代理服务器上运行时,它也成功了。
proxyuser@proxy-bastion-prod:~: ssh -i ~/.ssh/id_rsa.service [email protected]
但是,当我ssh target
在本地笔记本电脑上运行时,它失败了。
$ ssh -vvv target
OpenSSH_8.6p1, LibreSSL 2.8.3
debug1: Reading configuration data /Users/user/.ssh/config
debug1: /Users/user/.ssh/config line 18: Applying options for target
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug1: Setting implicit ProxyCommand from ProxyJump: ssh -vvv -W '[%h]:%p' target
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/user/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/user/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Executing proxy command: exec ssh -vvv -W '[target.server.com]:22' target
debug1: identity file /Users/user/.ssh/id_rsa.service type -1
debug1: identity file /Users/user/.ssh/id_rsa.service-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.6
OpenSSH_8.6p1, LibreSSL 2.8.3
debug1: Reading configuration data /Users/user/.ssh/config
debug1: /Users/user/.ssh/config line 10: Applying options for target
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/user/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/user/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: auto-mux: Trying existing master
debug2: fd 3 setting O_NONBLOCK
debug2: mux_client_hello_exchange: master version 4
debug3: mux_client_request_stdio_fwd: entering
debug3: mux_client_request_alive: entering
debug3: mux_client_request_alive: done pid = 66279
debug3: mux_client_request_stdio_fwd: stdio forward request sent
Stdio forwarding request failed: Session open refused by peer
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
id_rsa.service
我的本地笔记本电脑上也存在该文件。
我不知道这些日志是什么意思。
我应该去哪里检查?
任何链接或评论都将受到赞赏!
答案1
由于您连接到目标,例如
ssh -i ~/.ssh/id_rsa.service target.server.com
提供密钥。我猜你必须在代理端进行某种配置,以便在进行跳转时正确获取密钥。