我想从互联网远程登录我的 Ubuntu 18.04 机器的桌面。
因此,我在我的(fritz.box)路由器上启用了端口 22 的端口转发。
另外,我激活了防火墙,只允许来自外部对端口 22 的请求:
$ sudo ufw status
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
尽管如此,我可以在我的文件中看到以下日志条目/var/log/auth.log(我更改了我的计算机名称和请求发起者的 IP 地址)。
我的问题是:为什么我会看到这些不同于 22 的端口的条目?
备注:目前,我允许通过密码登录(但下次尝试时我将通过仅允许通过私钥/公钥模式登录来禁用此功能)。
Dec 21 06:56:05 this-is-my-computer-name sshd[26654]: Disconnected from invalid user user IP_ADDRESS_1_IN_A_FOREIGN_COUNTRY port 51904 [preauth]
Dec 21 06:56:50 this-is-my-computer-name sshd[26656]: Invalid user user from IP_ADDRESS_1_IN_A_FOREIGN_COUNTRY port 53030
Dec 21 06:56:50 this-is-my-computer-name sshd[26656]: pam_unix(sshd:auth): check pass; user unknown
Dec 21 06:56:50 this-is-my-computer-name sshd[26656]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_1_IN_A_FOREIGN_COUNTRY
Dec 21 06:56:51 this-is-my-computer-name sshd[26656]: Failed password for invalid user user from IP_ADDRESS_1_IN_A_FOREIGN_COUNTRY port 53030 ssh2
Dec 21 06:56:52 this-is-my-computer-name sshd[26656]: Received disconnect from IP_ADDRESS_1_IN_A_FOREIGN_COUNTRY port 53030:11: Normal Shutdown, Thank you for playing [preauth]
Dec 21 06:56:52 this-is-my-computer-name sshd[26656]: Disconnected from invalid user user IP_ADDRESS_1_IN_A_FOREIGN_COUNTRY port 53030 [preauth]
Dec 21 07:09:01 this-is-my-computer-name CRON[26678]: pam_unix(cron:session): session opened for user root by (uid=0)
Dec 21 07:09:01 this-is-my-computer-name CRON[26678]: pam_unix(cron:session): session closed for user root
Dec 21 07:17:01 this-is-my-computer-name CRON[26732]: pam_unix(cron:session): session opened for user root by (uid=0)
Dec 21 07:17:01 this-is-my-computer-name CRON[26732]: pam_unix(cron:session): session closed for user root
Dec 21 07:19:37 this-is-my-computer-name sshd[26736]: Did not receive identification string from IP_ADDRESS_2_IN_A_FOREIGN_COUNTRY port 57230
Dec 21 07:20:42 this-is-my-computer-name sshd[26738]: Invalid user user from IP_ADDRESS_2_IN_A_FOREIGN_COUNTRY port 39416
Dec 21 07:20:42 this-is-my-computer-name sshd[26738]: pam_unix(sshd:auth): check pass; user unknown
Dec 21 07:20:42 this-is-my-computer-name sshd[26738]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_2_IN_A_FOREIGN_COUNTRY
Dec 21 07:20:45 this-is-my-computer-name sshd[26738]: Failed password for invalid user user from IP_ADDRESS_2_IN_A_FOREIGN_COUNTRY port 39416 ssh2
Dec 21 07:20:45 this-is-my-computer-name sshd[26738]: Received disconnect from IP_ADDRESS_2_IN_A_FOREIGN_COUNTRY port 39416:11: Normal Shutdown, Thank you for playing [preauth]
Dec 21 07:20:45 this-is-my-computer-name sshd[26738]: Disconnected from invalid user user IP_ADDRESS_2_IN_A_FOREIGN_COUNTRY port 39416 [preauth]
Dec 21 07:21:37 this-is-my-computer-name sshd[26741]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:21:39 this-is-my-computer-name sshd[26741]: Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 20851 ssh2
Dec 21 07:21:44 this-is-my-computer-name sshd[26741]: message repeated 2 times: [ Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 20851 ssh2]
Dec 21 07:21:45 this-is-my-computer-name sshd[26741]: Received disconnect from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 20851:11: [preauth]
Dec 21 07:21:45 this-is-my-computer-name sshd[26741]: Disconnected from authenticating user root IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 20851 [preauth]
Dec 21 07:21:45 this-is-my-computer-name sshd[26741]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:21:47 this-is-my-computer-name sshd[26743]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:21:49 this-is-my-computer-name sshd[26743]: Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 37120 ssh2
Dec 21 07:21:54 this-is-my-computer-name sshd[26743]: message repeated 2 times: [ Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 37120 ssh2]
Dec 21 07:21:54 this-is-my-computer-name sshd[26743]: Received disconnect from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 37120:11: [preauth]
Dec 21 07:21:54 this-is-my-computer-name sshd[26743]: Disconnected from authenticating user root IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 37120 [preauth]
Dec 21 07:21:54 this-is-my-computer-name sshd[26743]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:21:57 this-is-my-computer-name sshd[26745]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:21:58 this-is-my-computer-name sshd[26745]: Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 42983 ssh2
Dec 21 07:22:03 this-is-my-computer-name sshd[26745]: message repeated 2 times: [ Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 42983 ssh2]
Dec 21 07:22:03 this-is-my-computer-name sshd[26745]: Received disconnect from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 42983:11: [preauth]
Dec 21 07:22:03 this-is-my-computer-name sshd[26745]: Disconnected from authenticating user root IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 42983 [preauth]
Dec 21 07:22:03 this-is-my-computer-name sshd[26745]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:22:05 this-is-my-computer-name sshd[26747]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:22:08 this-is-my-computer-name sshd[26747]: Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 43076 ssh2
Dec 21 07:22:13 this-is-my-computer-name sshd[26747]: message repeated 2 times: [ Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 43076 ssh2]
Dec 21 07:22:13 this-is-my-computer-name sshd[26747]: Received disconnect from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 43076:11: [preauth]
Dec 21 07:22:13 this-is-my-computer-name sshd[26747]: Disconnected from authenticating user root IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 43076 [preauth]
Dec 21 07:22:13 this-is-my-computer-name sshd[26747]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:22:15 this-is-my-computer-name sshd[26749]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:22:18 this-is-my-computer-name sshd[26749]: Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 49861 ssh2
Dec 21 07:22:22 this-is-my-computer-name sshd[26749]: message repeated 2 times: [ Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 49861 ssh2]
Dec 21 07:22:23 this-is-my-computer-name sshd[26749]: Received disconnect from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 49861:11: [preauth]
Dec 21 07:22:23 this-is-my-computer-name sshd[26749]: Disconnected from authenticating user root IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 49861 [preauth]
Dec 21 07:22:23 this-is-my-computer-name sshd[26749]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:22:25 this-is-my-computer-name sshd[26751]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY user=root
Dec 21 07:22:27 this-is-my-computer-name sshd[26751]: Failed password for root from IP_ADDRESS_3_IN_A_FOREIGN_COUNTRY port 53988 ssh2