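I am running CentOS on vagrant and virtual box, with Nginx installed. I have created a reverse tunnel from the vagrant box to a remote server, but when I try to connect to localhost on port 4430, I keep getting the following error when running the command: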
curl -v 'https://localhost:4430'
* About to connect() to localhost port 4430 (#0)
* Trying ::1... Connection refused
* Trying 127.0.0.1... Connection refused
* couldn't connect to host
* Closing connection #0
curl: (7) couldn't connect to host
I have been trying to load the site in a browser, but Chrome also throws an error.
This webpage is not available
ERR_CONNECTION_REFUSED
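What I want to do is create a reverse tunnel, which seems to work fine because I can connect to the remote machine and create the tunnel, but I cannot browse using the desired (reverse port) on my local machine.
Here is my tunnel script: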
ssh -v -R 4430:localhost:443 [email protected] -N
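Does anyone know what the problem might be?
I can connect using port 443, but not 4430!
Any help would be much appreciated!
Update
Running the following command produces the following output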
ssh -v -R 4430:localhost-domain:443 [email protected] -N
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to vm.domain.com [54.149.189.155] port 22.
debug1: Connection established.
debug1: identity file /home/vagrant/.ssh/identity type -1
debug1: identity file /home/vagrant/.ssh/identity-cert type -1
debug1: identity file /home/vagrant/.ssh/id_rsa type 1
debug1: identity file /home/vagrant/.ssh/id_rsa-cert type -1
debug1: identity file /home/vagrant/.ssh/id_dsa type -1
debug1: identity file /home/vagrant/.ssh/id_dsa-cert type -1
debug1: identity file /home/vagrant/.ssh/id_ecdsa type -1
debug1: identity file /home/vagrant/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'vm.domain.com' is known and matches the RSA host key.
debug1: Found key in /home/vagrant/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/vagrant/.ssh/identity
debug1: Offering public key: /home/vagrant/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: Local connections to LOCALHOST:4430 forwarded to remote address localhost-domain:443
debug1: Local forwarding listening on ::1 port 4430.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 4430.
debug1: channel 1: new [port listener]
debug1: Requesting [email protected]
debug1: Entering interactive session.
I think LOCALHOST:4430 should be the hostname of the vagrant box? For example local-domain:4430
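Answer 1
I think you are missing the -g option, because otherwise the remote port will only listen on localhost, which means that any host other than the remote localhost will not be able to connect to it.
With -g it listens on 0.0.0.0, which means it is available on all interfaces, not just localhost.
As ssh(1) says of option g: "Allows remote hosts to connect to local forwarded ports. If used on a multiplexed connection, then this option must be specified on the master process."
You also mention that you created this tunnel inside the vagrant box. So the curl you show is also inside the vagrant box, right? Otherwise, if you run curl on the host system rather than inside the vagrant box, it will not work. If you want to connect to the tunnel from the host system (not inside the vagrant box), you have to connect to the vagrant box's IP, not 127.0.0.1.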
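Answer 2
Just to make sure I understand: are you using that command line to ssh from the client machine to the server, and then running the curl command against port 4430 on the server?
That should work. If it does not, log in to the server and check whether port 4430 is listening:
netstat -tnl | grep 4430
It may be that sshd is configured not to allow port forwarding.
If you want to run curl on the client to connect to localhost:4430 in order to reach port 443 on the server, then you should use -L instead of -R.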
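Added example (not part of the original question or either answer): a small POSIX shell helper that takes an -L or -R forward spec as documented in ssh(1) and reports which machine opens the listening socket and which machine makes the onward connection, which is the distinction the last paragraph above turns on. The function name describe_forward and its output format are made up for illustration; bracketed IPv6 literals are not handled.

```shell
#!/bin/sh
# Added example: report which end of an OpenSSH forward opens the listening
# socket, so you know on which machine curl has to be run.
# Usage: describe_forward -L|-R [bind_address:]port:host:hostport
# Assumption: hostnames/IPv4 only; bracketed IPv6 literals are not parsed.
describe_forward() {
    case $1 in
        -L) listen=client; origin=server ;;  # listener on the machine running ssh
        -R) listen=server; origin=client ;;  # listener on the machine running sshd
        *)  echo "unsupported flag: $1" >&2; return 2 ;;
    esac
    spec=$2
    old_ifs=$IFS; IFS=:; set -f
    set -- $spec    # split on ':' without glob-expanding a '*' bind address
    set +f; IFS=$old_ifs
    case $# in
        3) bind=loopback; port=$1; host=$2; hostport=$3 ;;
        4) bind=$1; port=$2; host=$3; hostport=$4
           # ssh(1): an empty bind_address or '*' means all interfaces
           case $bind in ''|'*') bind=all-interfaces ;; esac ;;
        *) echo "bad forward spec: $spec" >&2; return 2 ;;
    esac
    echo "listen=$listen/$bind:$port connect=$origin->$host:$hostport"
}

# The command from the question, then the -L form suggested in answer 2.
describe_forward -R 4430:localhost:443
describe_forward -L 4430:localhost:443
```

For -R, ssh(1) notes that a bind address other than loopback only succeeds if the server's GatewayPorts option is enabled in sshd_config(5).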