我正在做ssh反向端口转发,以通过公共ip访问只能在本地访问的Web服务器。
在我的笔记本电脑上执行以下命令后:
ssh -v -o "ExitOnForwardFailure yes" -o GatewayPorts=yes -g username@remoteserver -R '*:9080:localhost:3000'
然后,当我在浏览器中访问时http://remoteserver:9080
,我看到本地主机(我的笔记本电脑)上端口3000上运行的任何服务器提供的内容。
在家里的笔记本电脑上完成操作,或通过iPhone(3G网络连接)连接到Internet时,此操作可以按预期进行。
它如果我是企业网络的背后不工作我目前正在为公司的:
All remote forwarding requests processed
(请参阅下面的日志)http://remoteserver:9080
从公司网络内部的客户端访问只是显示“无法连接错误”更新:由于Paul的评论,我发现http://remote server:9080
与公司网络外部的客户端连接可以正常工作。
为什么(在哪里?)从公司网络-> 远程服务器->本地网络上的笔记本电脑[通过ssh]的连接将被阻止?
我试图将命令的末尾编辑为:
… -R '*:9080:local_ip_address_of_my_laptop:3000'
但这并没有改变任何东西。
为什么不起作用?
我该如何解决?
在下面的日志中,我看到一行不知道是什么意思,也找不到原因/含义: debug1: Roaming not allowed by server
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug1: Connecting to remoteserver [IP_ADDRESS] port 22.
debug1: Connection established.
debug1: identity file redacted type 2
debug1: identity file redacted type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-9etch3
debug1: match: OpenSSH_4.3p2 Debian-9etch3 pat OpenSSH_4*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA redacted
debug1: Host 'remoteserver' is known and matches the RSA host key.
debug1: Found key in /Users/redacted/.ssh/known_hosts:17
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering DSA public key: redacted
debug1: Server accepts key: pkalg ssh-dss blen 434
debug1: Authentication succeeded (publickey).
Authenticated to remoteserver ([ip_address]:22).
debug1: Remote connections from *:9080 forwarded to local address localhost:3000
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: remote forward success for: listen 9080, connect localhost:3000
debug1: All remote forwarding requests processed
debug1: Sending environment.
debug1: Sending env LC_CTYPE = UTF-8
debug1: Sending env LANG =
debug1: Sending env LC_ALL = fr_FR
出站连接无法从公司网络正常工作的常见原因是防火墙阻止了会话,而不是ssh本身的问题。
如果您可以通过端口22进行访问,则可以根据您要实现的目的,将本地端口转发而不是反向。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句