이상한 문제가 있습니다. Windows 호스트에서 node01과 node02로 실행되는 2개의 가상 머신이 있습니다.
- node01에서 node02까지 ssh가 제대로 작동합니다.
- 호스트에서 node01 및 node02로 ssh 작동 중
- node02에서 node01까지 ssh가 제대로 작동합니다.
이제 ssh root@localhost
이렇게 하면 작동하지 않습니다.
SLES 버전 정보:
cat /etc/issue
Welcome to SUSE Linux Enterprise Server 11 SP4 (x86_64) - Kernel \r (\l).
SSH 자세한 출력:
node01:~/Desktop # ssh -vvv root@localhost
OpenSSH_6.6.1, OpenSSL 0.9.8j-fips 07 Jan 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection timed out
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Network is unreachable
ssh: connect to host localhost port 22: Network is unreachable
/etc/hosts의 내용:
# IP-Address Full-Qualified-Hostname Short-Hostname
#
127.0.0.1 localhost
# special IPv6 addresses
::1 localhost ipv6-localhost ipv6-loopback
fe00::0 ipv6-localnet
ff00::0 ipv6-mcastprefix
ff02::1 ipv6-allnodes
ff02::2 ipv6-allrouters
ff02::3 ipv6-allhosts
192.168.142.101 node01.mydomain.local node01
192.168.142.102 node02.mydomain.local node02
속성 활성화: /etc/ssh/sshd_config
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
UsePAM yes
X11Forwarding yes
UsePrivilegeSeparation sandbox # Default for new installations.
Subsystem sftp /usr/lib64/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
(rest of the lines are comments)
node01:~/Desktop# ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:50:56:2B:49:04
inet addr:192.168.142.101 Bcast:192.168.255.255 Mask:255.255.0.0
inet6 addr: fe80::250:56ff:fe2b:4904/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:471 errors:0 dropped:0 overruns:0 frame:0
TX packets:416 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:50391 (49.2 Kb) TX bytes:33156 (32.3 Kb)
lo Link encap:Local Loopback
LOOPBACK MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
node01:~/Desktop # iptables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
node01:~/Desktop# netstat -lnt
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3260 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 :::3260 :::* LISTEN
tcp 0 0 :::111 :::* LISTEN
tcp 0 0 :::22 :::* LISTEN
VM 호스트에서 VM 게스트(node01)에 성공적으로 연결되었습니다.
[2016-12-11 17:49.17] ~
[VM Host] > ssh -v [email protected]
OpenSSH_7.1p2, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /home/mobaxterm/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to 192.168.142.101 [192.168.142.101] port 22.
debug1: Connection established.
debug1: identity file /home/mobaxterm/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to 192.168.142.101:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 [email protected]
debug1: kex: client->server aes128-ctr hmac-md5 [email protected]
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:n01c4dhTM/gzY4/vSmDpR59FysetbFVG3kcRNXZFycw
debug1: Host '192.168.142.101' is known and matches the RSA host key.
debug1: Found key in /home/mobaxterm/.ssh/known_hosts:149
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: pubkey_prepare: ssh_fetch_identitylist: agent refused operation
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/mobaxterm/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/mobaxterm/.ssh/id_dsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ecdsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to 192.168.142.101 ([192.168.142.101]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
X11 forwarding request failed on channel 0
Last login: Sun Dec 11 20:48:45 2016 from 192.168.142.1
답변1
출력 결과는 다음 과 같습니다 ifconfig
.
lo Link encap:Local Loopback
LOOPBACK MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
...귀하가 속한 IP 주소가 누락된 것 같습니다 lo
. lo
일반적으로 127.0.0.1/8 및 ::1/128이라는 두 개의 IP 주소가 필요합니다. 시스템 시작 스크립트는 일반적으로 이것이 사실인지 확인합니다. 그렇지 않으면 시스템이 손상된 것으로 간주됩니다.
다음 명령을 사용하여 임시로 수정할 수 있습니다.
ip link set lo up
ip addr add 127.0.0.1/8 dev lo
ip addr add ::1/128 dev lo
하지만 다음번에는 저장되지 않습니다. 다음에는 모든 것을 고치고 싶을 것입니다. 귀하의 배포판이 이를 어떻게 수행하는지 모르겠지만, 데비안과 유사한 배포판이라면 다음 위치에 표시되는지 확인할 수 있습니다 /etc/network/interfaces
.
auto lo
iface lo inet loopback