SLES 버전 정보:

tag-icon tag-icon ssh sles
SLES 버전 정보:

이상한 문제가 있습니다. Windows 호스트에서 node01과 node02로 실행되는 2개의 가상 머신이 있습니다.

  • node01에서 node02까지 ssh가 제대로 작동합니다.
  • 호스트에서 node01 및 node02로 ssh 작동 중
  • node02에서 node01까지 ssh가 제대로 작동합니다.

이제 ssh root@localhost이렇게 하면 작동하지 않습니다.

SLES 버전 정보:

cat /etc/issue

Welcome to SUSE Linux Enterprise Server 11 SP4  (x86_64) - Kernel \r (\l).

SSH 자세한 출력:

node01:~/Desktop # ssh -vvv root@localhost
OpenSSH_6.6.1, OpenSSL 0.9.8j-fips 07 Jan 2009
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection timed out
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Network is unreachable
ssh: connect to host localhost port 22: Network is unreachable

/etc/hosts의 내용:

# IP-Address  Full-Qualified-Hostname  Short-Hostname
#

127.0.0.1       localhost

# special IPv6 addresses
::1             localhost ipv6-localhost ipv6-loopback

fe00::0         ipv6-localnet

ff00::0         ipv6-mcastprefix
ff02::1         ipv6-allnodes
ff02::2         ipv6-allrouters
ff02::3         ipv6-allhosts
192.168.142.101 node01.mydomain.local node01
192.168.142.102 node02.mydomain.local node02

속성 활성화: /etc/ssh/sshd_config

AuthorizedKeysFile      .ssh/authorized_keys
PasswordAuthentication no
UsePAM yes
X11Forwarding yes
UsePrivilegeSeparation sandbox          # Default for new installations.
Subsystem       sftp    /usr/lib64/ssh/sftp-server
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
(rest of the lines are comments)

node01:~/Desktop# ifconfig -a

eth0      Link encap:Ethernet  HWaddr 00:50:56:2B:49:04  
          inet addr:192.168.142.101  Bcast:192.168.255.255  Mask:255.255.0.0
          inet6 addr: fe80::250:56ff:fe2b:4904/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:471 errors:0 dropped:0 overruns:0 frame:0
          TX packets:416 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:50391 (49.2 Kb)  TX bytes:33156 (32.3 Kb)

lo        Link encap:Local Loopback  
          LOOPBACK  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

node01:~/Desktop # iptables --list

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

node01:~/Desktop# netstat -lnt

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:3260            0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      
tcp        0      0 :::3260                 :::*                    LISTEN      
tcp        0      0 :::111                  :::*                    LISTEN      
tcp        0      0 :::22                   :::*                    LISTEN

VM 호스트에서 VM 게스트(node01)에 성공적으로 연결되었습니다.

[2016-12-11 17:49.17]  ~
[VM Host] > ssh -v [email protected]
OpenSSH_7.1p2, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /home/mobaxterm/.ssh/config
debug1: Reading configuration data /etc/ssh_config
debug1: Connecting to 192.168.142.101 [192.168.142.101] port 22.
debug1: Connection established.
debug1: identity file /home/mobaxterm/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/mobaxterm/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to 192.168.142.101:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 [email protected]
debug1: kex: client->server aes128-ctr hmac-md5 [email protected]
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:n01c4dhTM/gzY4/vSmDpR59FysetbFVG3kcRNXZFycw
debug1: Host '192.168.142.101' is known and matches the RSA host key.
debug1: Found key in /home/mobaxterm/.ssh/known_hosts:149
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: pubkey_prepare: ssh_fetch_identitylist: agent refused operation
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/mobaxterm/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/mobaxterm/.ssh/id_dsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ecdsa
debug1: Trying private key: /home/mobaxterm/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Enabling compression at level 6.
debug1: Authentication succeeded (keyboard-interactive).
Authenticated to 192.168.142.101 ([192.168.142.101]:22).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
X11 forwarding request failed on channel 0
Last login: Sun Dec 11 20:48:45 2016 from 192.168.142.1

답변1

출력 결과는 다음 과 같습니다 ifconfig.

lo        Link encap:Local Loopback  
          LOOPBACK  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

...귀하가 속한 IP 주소가 누락된 것 같습니다 lo. lo일반적으로 127.0.0.1/8 및 ::1/128이라는 두 개의 IP 주소가 필요합니다. 시스템 시작 스크립트는 일반적으로 이것이 사실인지 확인합니다. 그렇지 않으면 시스템이 손상된 것으로 간주됩니다.

다음 명령을 사용하여 임시로 수정할 수 있습니다.

ip link set lo up
ip addr add 127.0.0.1/8 dev lo
ip addr add ::1/128 dev lo

하지만 다음번에는 저장되지 않습니다. 다음에는 모든 것을 고치고 싶을 것입니다. 귀하의 배포판이 이를 어떻게 수행하는지 모르겠지만, 데비안과 유사한 배포판이라면 다음 위치에 표시되는지 확인할 수 있습니다 /etc/network/interfaces.

auto lo
iface lo inet loopback

관련 정보