无法使用 IPv6 地址进行 SSH,除非我使用正确的地址进行 ping

无法使用 IPv6 地址进行 SSH,除非我使用正确的地址进行 ping

当我尝试通过 SSH 进入运行 Armbian(Ubuntu 22.04.01 LTS)的无线 SBC 时遇到了一个奇怪的问题。

当我尝试使用 FQDN 进行 SSH 时,它没有响应:

vmplayer@vm-play:~$ ssh -l potato potato-blue.mostly-harmless.wlan
^C

如果我强制使用 IPv4,那么它将连接:

vmplayer@vm-play:~$ ssh -4 -l potato potato-blue.mostly-harmless.wlan
[email protected]'s password: 

进行查找可显示 IPv4 和 IPv6 地址:

vmplayer@vm-play:~$ nslookup potato-blue.mostly-harmless.wlan
Server:     127.0.0.53
Address:    127.0.0.53#53

Non-authoritative answer:
Name:   potato-blue.mostly-harmless.wlan
Address: 10.20.30.246
Name:   potato-blue.mostly-harmless.wlan
Address: fdff:9cb4:dff::4bb

查看路由器,我可以看到匹配:

Active DHCPv6 Leases   
Host         IPv6-Address
vm-play      fdff:9cb4:dff::444
potato-blue  fdff:9cb4:dff::4bb

如果我尝试使用查找返回的 IPv6 地址进行 SSH,它没有响应:

vmplayer@vm-play:~$ ssh -l potato fdff:9cb4:dff::4bb
^C

Ping 也没有响应:

vmplayer@vm-play:~$ ping fdff:9cb4:dff::4bb
PING fdff:9cb4:dff::4bb(fdff:9cb4:dff::4bb) 56 data bytes
^C
--- fdff:9cb4:dff::4bb ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 6147ms

进入无线设备并获取 IP 地址,我得到了几个 IPv6 地址:

potato@potato-blue:~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether ba:cd:d0:79:a7:3e brd ff:ff:ff:ff:ff:ff
3: wlx3c3300206d7c: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 3c:33:00:20:6d:7c brd ff:ff:ff:ff:ff:ff
    inet 10.20.30.246/24 brd 10.20.30.255 scope global dynamic noprefixroute wlx3c3300206d7c
       valid_lft 43105sec preferred_lft 43105sec
    inet6 fdff:9cb4:dff::4bb/128 scope global noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fdff:9cb4:dff:0:e94:aec2:3e03:6800/64 scope global temporary dynamic 
       valid_lft 604707sec preferred_lft 86280sec
    inet6 fdff:9cb4:dff:0:4a0f:3507:b82:c02a/64 scope global mngtmpaddr noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::ff7c:79d3:28c8:2736/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

这就是奇怪的地方,如果我尝试使用 fdff:9cb4:dff:0:e94:aec2:3e03:6800 进行 SSH,它没有响应:

vmplayer@vm-play:~$ ssh -l potato fdff:9cb4:dff:0:e94:aec2:3e03:6800
^C

如果我 ping 它,它会响应:

vmplayer@vm-play:~$ ping fdff:9cb4:dff:0:e94:aec2:3e03:6800
PING fdff:9cb4:dff:0:e94:aec2:3e03:6800(fdff:9cb4:dff:0:e94:aec2:3e03:6800) 56 data bytes
64 bytes from fdff:9cb4:dff:0:e94:aec2:3e03:6800: icmp_seq=1 ttl=64 time=107 ms
64 bytes from fdff:9cb4:dff:0:e94:aec2:3e03:6800: icmp_seq=2 ttl=64 time=1.36 ms
64 bytes from fdff:9cb4:dff:0:e94:aec2:3e03:6800: icmp_seq=3 ttl=64 time=1.13 ms
64 bytes from fdff:9cb4:dff:0:e94:aec2:3e03:6800: icmp_seq=4 ttl=64 time=1.19 ms

如果我尝试使用该地址进行 SSH,那么现在就可以了(但我不想添加 IP 地址):

vmplayer@vm-play:~$ ssh -l potato fdff:9cb4:dff:0:e94:aec2:3e03:6800
The authenticity of host 'fdff:9cb4:dff:0:e94:aec2:3e03:6800 (fdff:9cb4:dff:0:e94:aec2:3e03:6800)' can't be established.
ECDSA key fingerprint is SHA256:mJSIyTtITjN4muTp58tlfien/QOC7v41V0/qlcBS5MY.
Are you sure you want to continue connecting (yes/no/[fingerprint])? no
Host key verification failed.

现在,如果我尝试使用 SSH 而不强制使用 IPv4 并使用 FQDN,它可以工作:

vmplayer@vm-play:~$ ssh -l potato potato-blue.mostly-harmless.wlan
[email protected]'s password: 
Last login: Thu Dec  1 00:11:21 2022 from fdff:9cb4:dff:0:fdea:5e03:da6f:3d2e

我不知道幕后发生了什么,也不知道为什么我有时无法连接,然后执行了所有这些奇怪的步骤。有人能帮忙或解释一下吗?

相关内容