Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ssh禁用密码登陆时,ssh无法穿透 #193

Closed
ghost opened this issue Dec 25, 2016 · 16 comments
Closed

ssh禁用密码登陆时,ssh无法穿透 #193

ghost opened this issue Dec 25, 2016 · 16 comments
Labels

Comments

@ghost
Copy link

ghost commented Dec 25, 2016

有公网ip的机器A禁用了ssh密码登陆,内网机器B也禁用了ssh密码登陆。
按readme文档配置,http和https正常,同时frps.log看到 [control.go:344] [I] ProxyName [ssh], start proxy success。 但是ssh -oPort=6000 username@publicip时,ssh_exchange_identification: Connection closed by remote host。frps.log和frpc.log均无记录。

@fatedier
Copy link
Owner

ssh 加上 -vvv 参数看一下完整输出信息。

@ghost
Copy link
Author

ghost commented Dec 25, 2016

➜ account git:(master) ✗ ssh -vvv -oPort=6000 usename@publicip
OpenSSH_7.2p2, LibreSSL 2.4.1
debug1: Reading configuration data /Users/myuser/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug2: resolving "publicip" port 6000
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to publicip [publicip] port 6000.
debug1: Connection established.
debug1: identity file /Users/myuser/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/myuser/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2
ssh_exchange_identification: Connection closed by remote host

将真实ip替换成‘publicip’了。

同时在机器A、B /var/log/auth.log上也没找到记录。

单独访问机器A、B是正常的。

@chenming219
Copy link

我也是这样,3台机器更新到0.9.0 后只有一台ssh能正常访问;其余2台都是如下报错。
OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t 3 May 2016
debug1: Reading configuration data /home/chenming/.ssh/config
debug1: /home/chenming/.ssh/config line 1: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0

debug1: Connection established.
debug1: identity file /home/chenming/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/chenming/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3
ssh_exchange_identification: Connection closed by remote host

@chenming219
Copy link

但是我测过过,改成其他端口发报文,是能收到的。

@ghost
Copy link
Author

ghost commented Dec 25, 2016

抱歉,报问题没彻底测试完,刚找了另一组机子做测试,不禁用密码登陆,ssh也一样ssh_exchange_identification: Connection closed by remote host。

@fatedier
Copy link
Owner

@AdhereYao @chenming219 我这里测试无法复现这个问题,如果可以的话能否提供一个能复现的环境?

@chenming219 你是指上个版本是正常的?

@chenming219
Copy link

稍等。。。我发你邮箱。。。

@chenming219
Copy link

@fatedier 已发你邮箱。

@fatedier fatedier added the bug label Dec 25, 2016
@fatedier
Copy link
Owner

@AdhereYao 你的配置里是否指定了 pool_count 这个参数,如果指定了将这个去掉试试是否能正常连接?

@ghost
Copy link
Author

ghost commented Dec 26, 2016

@fatedier 之前是指定了pool_count,也就是全部都是默认配置。注释掉了pool_count也还是不work

@fatedier
Copy link
Owner

@AdhereYao 方便的话加这个群交流下吧,606194980。

@ghost
Copy link
Author

ghost commented Dec 26, 2016

@fatedier 已申请

@zenwan
Copy link

zenwan commented May 17, 2018

OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 101.132.. [101.132.*.*8] port 6000.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
ssh_exchange_identification: Connection closed by remote host

遇到同样问题

@lkiarest
Copy link

@ghost 这个问题解决了么?

@pengyuwei
Copy link

这是因为主机证书冲突了,说明你挂frp之前就登录过这个机器。
简单的解决方法,删除~/.ssh/authorized_keys中对应的即主机证书可。

@skinnyshy
Copy link

配置服务时,ssh的local_ip不能写127.0.0.1

[ssh]
type = tcp
local_ip =  192.168.201.1  # 这里不能是127.0.0.1
local_port = 22
remote_port = 13002
use_encryption = true
use_compression = true

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

6 participants