它是从有关端口转发的问题中得到的答案,但我不确定这是什么意思。
$ ssh lab_desktop -L 2200:lab_server:22 -vvv
我的疯狂猜测:
首先连接到lab_desktop,然后再次登录到lab_server(端口22),从该连接接收的数据将转发到lab_desktop的端口2200。
我的猜测是正确的吗?
但我仍然不明白'-vvv'是什么意思...
应用答案后更新:
好吧,有了克里克的有用答案和评论,我尽了最大的努力使克里克的答案起作用
再说一次,让我弄清楚术语
mypc
-负责所有打字的人
lab_desktop
-SSH服务器
lab_server
-我想与之沟通的最终目的地。该服务器仅允许来自的连接lab_desktop
。还有一件事:它将仅允许通过端口122进行连接。
没关系,因为在伐木lab_desktop
和lab_server
需要用户名和密码,我只是做了RSA身份验证mypc
-lab_desktop
和lab_desktop
-lab_server
这样我就不会面对输入密码所有的时间的麻烦,只是预留的密码进入制作的可能性ssh命令比较复杂。
之后,我使用了命令:
ssh Black@lab_desktop -v -L 2200:lab_server:122
以下是输出
chulhyun@chulhyun-Inspiron-3420:~/.ssh$ ssh Black@$labcom -v -L 2200:143.248.146.204:122
OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 143.248.143.198 [143.248.143.198] port 22.
debug1: Connection established.
debug1: identity file /home/chulhyun/.ssh/id_rsa type -1
debug1: identity file /home/chulhyun/.ssh/id_rsa-cert type -1
debug1: identity file /home/chulhyun/.ssh/id_dsa type -1
debug1: identity file /home/chulhyun/.ssh/id_dsa-cert type -1
debug1: identity file /home/chulhyun/.ssh/id_ecdsa type -1
debug1: identity file /home/chulhyun/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 79:64:5d:e7:ac:78:b7:52:3d:9a:6a:3b:c1:37:a0:2d
debug1: Host '143.248.143.198' is known and matches the ECDSA host key.
debug1: Found key in /home/chulhyun/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/chulhyun/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to 143.248.143.198 ([143.248.143.198]:22).
debug1: Local connections to LOCALHOST:2200 forwarded to remote address 143.248.146.204:122
debug1: Local forwarding listening on ::1 port 2200.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 2200.
debug1: channel 1: new [port listener]
debug1: channel 2: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = ko_KR.UTF-8
Last login: Tue Jun 24 16:47:27 2014 from 143.248.244.12
Black@Black-PC ~
$
它很长,但我想我唯一要看的就是线条:
debug1: Local connections to LOCALHOST:2200 forwarded to remote address 143.248.146.204:122
debug1: Local forwarding listening on ::1 port 2200.
当我使用netstat查看是否为true(netstat -tulpn | grep 2200
)时,输出为:
root@chulhyun-Inspiron-3420:/etc/ssh# netstat -tulpn | grep 2200
tcp 0 0 127.0.0.1:2200 0.0.0.0:* LISTEN 14966/ssh
tcp6 0 0 ::1:2200 :::* LISTEN 14966/ssh
所以我认为ssh跳跃毕竟已经建立了。
现在的问题是当我尝试在中使用端口2200时mypc
。正如Creek所建议的那样,我需要利用此端口,因此我尝试使用我的root帐户和用户帐户登录,但结果由于密码而失败。
chulhyun@chulhyun-Inspiron-3420:~$ su
password:
root@chulhyun-Inspiron-3420:/home/chulhyun# ssh root@localhost -p 2200
root@localhost's password:
Permission denied, please try again.
root@localhost's password:
root@chulhyun-Inspiron-3420:/home/chulhyun# exit
exit
chulhyun@chulhyun-Inspiron-3420:~$ ssh chulhyun@localhost -p 2200
chulhyun@localhost's password:
Permission denied, please try again.
密码是我确定的正确密码。但是我不明白为什么它不起作用...
我到了这一点。您能帮助您走得更远吗?
更新
讨论并解决了我面临的新问题:ssh'ing时Linux无法识别正确的密码?
ssh lab_desktop -L 2200:lab_server:22 -vvv
ssh lab_desktop
-创建一个SSH连接到lab_desktop
as$USER
-L 2200:lab_server:22
-使用与的连接lab_desktop
,将本地计算机上的端口2200转发到端口22上的端口lab_server
-vvv
-启用最大详细程度 此命令将在本地计算机上的端口2200上打开一个套接字,然后使用SSH隧道,发送到localhost上的端口2200的所有流量都将转发到lab_server上的端口22。
要利用转发的端口并建立与lab_server的SSH连接,您需要启动第二个连接,以连接到本地主机上的本地端口:
ssh user@localhost -p 2200
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句