我真的是新来的solaris,我安装了所有的默认选项的Solaris 11 Express,但我有一个很难的SSH连接。
我能够通过本地主机和同一子网中的客户端通过SSH连接到Solaris服务器,但是当我尝试从位于不同子网上的客户端进行连接时(无论使用哪个ssh客户端),我无法。 我已经尝试了Debian GNU / Linux 6.0.1附带的ssh客户端,我尝试了Secure Shell Client 3.2.9等,没有运气。 我甚至尝试在虚拟机中安装其他Solaris 11 Express,使用不同子网中的公有地址进行NAT,而且我仍然遇到同样的问题。
以下是我使用-vvv选项运行时从ssh客户端收到的输出:
andres@solaris1:~$ ssh root@<ip-address> -p <port> -vvv Sun_SSH_1.5, SSH protocols 1.5/2.0, OpenSSL 0x009080ff debug1: Reading configuration data /etc/ssh/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to <ip-address> [<ip-address>] port <port>. debug1: Connection established. debug1: identity file /home/andres/.ssh/identity type -1 debug1: identity file /home/andres/.ssh/id_rsa type -1 debug1: identity file /home/andres/.ssh/id_dsa type -1 debug1: Logging to host: <ip-address> debug1: Local user: andres Remote user: root debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.5 debug1: match: Sun_SSH_1.5 pat Sun_SSH_1.5* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-Sun_SSH_1.5 debug1: use_engine is 'yes' debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers debug1: pkcs11 engine initialization complete debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour128,arcfour256,arcfour,aes128-cbc,aes192-cbc,aes256-cbc,blowfish-cbc,3des-cbc debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: en-US debug2: kex_parse_kexinit: en-US debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug1: Failed to acquire GSS-API credentials for any mechanisms (No credentials were supplied, or the credentials were unavailable or inaccessible ) debug1: SSH2_MSG_KEXINIT sent debug3: kex_reset_dispatch -- should we dispatch_set(KEXINIT) here? 0 && !0 Read from socket failed: Connection reset by peer debug1: Calling cleanup 0x8079eb0(0x0) 当用-ddd选项指定时,服务器中的sshd将打印以下内容:(仅限最后一部分)
debug1: We proposed langtags, stoc: af-ZA,ar-EG,as-IN,az-AZ,be-BY,bg-BG,bn-IN,bs-BA,ca-ES,cs-CZ,da-DK,de-DE,el-GR,en-US,es-ES,et-EE,fi-FI,fr-FR,gu-IN,he-IL,hi-IN,hr-HR,hu-HU,hy-AM,id-ID,is-IS,it-IT,ja-JP,ka-GE,kk-KZ,kn-IN,ko-KR,ks-IN,ku-TR,ky-KG,lt-LT,lv-LV,mk-MK,ml-IN,mr-IN,ms-MY,mt-MT,nb-NO,nl-NL,nn-NO,or-IN,pa-IN,pl-PL,pt-BR,pt-PT,ro-RO,ru-RU,sa-IN,sk-SK,sl-SI,sq-AL,sr-RS,sv-SE,th-TH,tr-TR,uk-UA,vi-VN,zh-CN,i-default,zh-TW debug1: Negotiated main locale: en_US.UTF-8 debug1: Negotiated messages locale: en_US.UTF-8 Write failed: Broken pipe debug1: Calling cleanup 0x808bc80(0x0) monitor debug1: child closed the communication pipe before user auth was finished monitor debug1: Calling cleanup 0x808bc80(0x0) monitor debug1: Calling cleanup 0x808bc80(0x0)
文件/ etc / ssh / sshd_config具有默认的内容,并且我在某处添加了行…
GSSAPIAuthentication no
…可以帮助,但没有。
恐怕这也不是防火墙的问题,因为我有一些其他的Linux系统在相同的networkingconfiguration,我可以接触到他们…实际上,通过其中一个我可以通过做到Solaris系统双ssh。
更新 / etc / ssh / sshd_config启用了rootlogin
如果问题只在不同的子网上,那么不太可能是SSH问题。 这可能是默认的路线设置。 你使用DHCP还是静态IP? 您可以使用“netstat -nr”检查默认路由。
那么,我看起来像是ISP的错。 我有权访问第三个子网,它的工作完美无瑕…我想SunOS的ssh在某些时候被阻塞了,当stream量从子网stream出或者来自不同的networking时,我甚至尝试使用相同的IP地址和端口组合作为一些有sshd工作的Linux机器,并没有改变。 让我怀疑的是连接的两端都报告了另一个端点的链接。