SSH 到网络别名 ssh_exchange_identification:读取:对端重置连接

tag-icon tag-icon networking ssh
SSH 到网络别名 ssh_exchange_identification:读取:对端重置连接

新安装:Ubuntu 14.04.2 LTS (GNU/Linux 3.16.0-45-generic x86_64)

我使用 SSH 连接到 DHCP 地址 没有任何问题.22,但是当我尝试别名地址时,.80连接被对方​​重置。除了全新安装和设置网络别名之外,我没有进行任何其他设置。 未启用,并且或ufw中没有任何内容。我尝试删除,但结果都没有改变。我已启用 sshd_config ,但没有提供有关重置的连接尝试的任何信息。hosts.denyhosts.allowknown_hostsLogLevel DEBUG/var/log/auth.log

/etc/dhcp/dhclient.conf

alias {
  interface "eth0";
  fixed-address 10.1.10.80;
}

是否配置

eth0      Link encap:Ethernet  HWaddr c8:60:00:a6:02:9e  
          inet addr:10.1.10.22  Bcast:10.1.10.255  Mask:255.255.255.0
          inet6 addr: fe80::ca60:ff:fea6:29e/64 Scope:Link
          inet6 addr: 2601:484:c301:c400:ca60:ff:fea6:29e/64 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6358 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1465 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:551715 (551.7 KB)  TX bytes:260772 (260.7 KB)
          Interrupt:18 Memory:fb700000-fb720000 

eth0:0    Link encap:Ethernet  HWaddr c8:60:00:a6:02:9e  
          inet addr:10.1.10.80  Bcast:0.0.0.0  Mask:255.255.255.255
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          Interrupt:18 Memory:fb700000-fb720000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:16 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:1184 (1.1 KB)  TX bytes:1184 (1.1 KB)

成功通过 SSH 连接到 22

kross$ ssh -v 10.1.10.22
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/kross/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug1: Connecting to 10.1.10.22 [10.1.10.22] port 22.
debug1: Connection established.
debug1: identity file /Users/kross/.ssh/id_rsa type 1
debug1: identity file /Users/kross/.ssh/id_rsa-cert type -1
debug1: identity file /Users/kross/.ssh/id_dsa type -1
debug1: identity file /Users/kross/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr [email protected] none
debug1: kex: client->server aes128-ctr [email protected] none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA be:5f:04:6c:62:a6:bd:28:57:ec:63:43:c0:9c:eb:b9
debug1: Host '10.1.10.22' is known and matches the RSA host key.
debug1: Found key in /Users/kross/.ssh/known_hosts:28
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/kross/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /Users/kross/.ssh/id_dsa
debug1: Next authentication method: password

尝试通过 SSH 连接到别名固定 IP 时失败

kross$ ssh -v 10.1.10.80
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/kross/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: /etc/ssh_config line 102: Applying options for *
debug1: Connecting to 10.1.10.80 [10.1.10.80] port 22.
debug1: Connection established.
debug1: identity file /Users/kross/.ssh/id_rsa type 1
debug1: identity file /Users/kross/.ssh/id_rsa-cert type -1
debug1: identity file /Users/kross/.ssh/id_dsa type -1
debug1: identity file /Users/kross/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
ssh_exchange_identification: read: Connection reset by peer

子网掩码

因此基于类似问题,我注意到别名掩码是.255而不是.0。我尝试设置选项以查看是否更改了任何内容,但值没有改变。我有另一台以相同方式设置的 ubuntu 服务器,它看起来一样(别名掩码也是.255,所以也许这不是问题。

监听地址

我尝试更改ListenAddresssshd_config,但没有任何变化。似乎这个配置用于限制访问,而不是默认的监听所有地址。

网络状态

# netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.1.10.1       0.0.0.0         UG        0 0          0 eth0
10.1.10.0       0.0.0.0         255.255.255.0   U         0 0          0 eth0
10.1.10.80      0.0.0.0         255.255.255.255 UH        0 0          0 eth0

答案1

因此,设置固定 IP 地址的第一步应该是确保其他设备尚未连接到该 IP!当我将 IP 更改为尚未被占用的 IP 时,一切都正常了。

答案2

检查man sshd_conf,其中部分内容如下:

 ListenAddress
         Specifies the local addresses sshd(8) should listen on.  The following forms may be used:

               ListenAddress host|IPv4_addr|IPv6_addr
               ListenAddress host|IPv4_addr:port
               ListenAddress [host|IPv6_addr]:port

         If port is not specified, sshd will listen on the address and all prior Port options specified.  The default is to listen on all local addresses.  Multi‐
         ple ListenAddress options are permitted.  Additionally, any Port options must precede this option for non-port qualified addresses.

因此我建议您ListenAddress 10.1.10.80添加/etc/ssh/sshd_config

sshd在第二种情况下,没有“监听”该 IP 地址,因此拒绝连接。

答案3

以供参考对我有用。

添加/etc/hosts.allowsshd :ALL

相关内容