방화벽에서 포트 22를 활성화해도 VPS에 연결할 수 없는 것 같습니다. SSH가 작동하도록 하기 위해 여러 iptables 입력을 시도했습니다. 이것은 iptables가 영구적으로 설치된 debian 9stretch 시스템입니다. 다음은 구성(명령 형식)입니다.
# Allow all loopback (lo) traffic and reject anything
# to localhost that does not originate from lo.
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT ! -i lo -s 127.0.0.0/8 -j REJECT
iptables -A OUTPUT -o lo -j ACCEPT
# Allow ping and ICMP error returns.
iptables -A INPUT -p icmp -m state --state NEW --icmp-type 8 -j ACCEPT
iptables -A INPUT -p icmp -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p icmp -j ACCEPT
# Allow SSH.
iptables -A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED --dport 22 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED --sport 22 -j ACCEPT
# Allow UDP traffic on port 1194.
iptables -A INPUT -i eth0 -p udp -m state --state NEW,ESTABLISHED --dport 1194 -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp -m state --state ESTABLISHED --sport 1194 -j ACCEPT
# Allow DNS resolution and limited HTTP/S on eth0.
# Necessary for updating the server and keeping time.
iptables -A INPUT -i eth0 -p udp -m state --state ESTABLISHED --sport 53 -j ACCEPT
iptables -A OUTPUT -o eth0 -p udp -m state --state NEW,ESTABLISHED --dport 53 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state ESTABLISHED --sport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp -m state --state ESTABLISHED --sport 443 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED --dport 443 -j ACCEPT
# Allow traffic on the TUN interface.
iptables -A INPUT -i tuan0 -j ACCEPT
iptables -A OUTPUT -o tun0 -j ACCEPT
# then reject them.
iptables -A INPUT -j REJECT
iptables -A FORWARD -j REJECT
iptables -A OUTPUT -j REJECT
COMMIT