%EB%A5%BC%20%ED%86%B5%ED%95%B4%20rPI%EC%97%90%20%EB%A1%9C%EA%B7%B8%EC%9D%B8%ED%95%9C%20%ED%9B%84%20Bash%20%ED%94%84%EB%A1%AC%ED%94%84%ED%8A%B8%EA%B0%80%20%ED%91%9C%EC%8B%9C%EB%90%98%EC%A7%80%20%EC%95%8A%EC%8A%B5%EB%8B%88%EB%8B%A4..png)
나는 한동안 파이홀 DNS를 제공하기 위해 rPi를 사용해 왔습니다. 이 문제는 수년 동안 지속되어 왔습니다. 재구축하지 않고도 이 문제를 이해하고 해결할 수 있기를 바랍니다.
OS 업데이트 후에는 어떤 사용자로부터도 SSH를 통해 로그인할 때 더 이상 메시지가 표시되지 않습니다.
인증이 통과되고 프롬프트가 비어 있으며 그대로 두면 결국 시간 초과됩니다. Ctrl+C를 누르면 기본 bash 쉘로 이동합니다.
Linux blackholedns 4.19.66+ #1253 Thu Aug 15 11:37:30 BST 2019 armv6l
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Jun 25 11:27:59 2021 from x.x.x.x
^ 세션에서 ctrl+c를 누르지 않는 한 이것이 내가 볼 전부입니다.
이와 같이:
Last login: Fri Jun 25 11:35:04 2021 from x.x.x.x
^C
-bash-4.4$
내가 whoami라면 그것은 pi 사용자입니다:
-bash-4.4$ whoami
pi
pi를 입력하면 익숙한 프롬프트로 돌아가서 작업을 계속할 수 있습니다.
-bash-4.4$ su pi
Password:
pi@blackholedns:~ $
지난 2년. 이 문제를 수동으로 우회하는 데 만족합니다.
이제 백업 파이에 대한 동기화를 설정하고 중력 동기화를 설정하고 싶습니다. 복제 파이는 파이에 SSH로 접속할 수 있어야 합니다. 이는 위에 표시된 질문을 제기합니다. 세션이 연결을 시도하고 결국 시간 초과됩니다.
이 문제를 해결하기 위해 무엇을 시도했습니까? (둘 다 일하지 않았습니다)
- 문제가 있는 시스템의 /etc/hosts에서 두 시스템 모두에 대한 호스트 항목을 설정합니다.
- SSHD에서 "UseDNS no"
- SSHD의 "GSSAPI인증 번호"
- SSHD의 "QOS=IPQoS 0x00"
- 새 사용자를 생성하고 이 새 사용자를 ssh에 사용했지만 결과는 동일합니다. 프롬프트가 없습니다.
- 비밀번호 대신 SSH 키를 통해 로그인해 보세요.
- .bashrc 또는 .profile을 복원하려고 하여 .bashrc 및 .profile 파일을 /etc/skel에서 /home/pi로 다시 복사했습니다.
-vvv와 연결된 디버깅입니다.
OpenSSH_7.9p1 Raspbian-10+deb10u2, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 10.10.10.5 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.10.10.5 [10.10.10.5] port 22.
debug1: Connection established.
debug1: identity file /home/pi/.ssh/id_rsa type 0
debug1: identity file /home/pi/.ssh/id_rsa-cert type -1
debug1: identity file /home/pi/.ssh/id_dsa type -1
debug1: identity file /home/pi/.ssh/id_dsa-cert type -1
debug1: identity file /home/pi/.ssh/id_ecdsa type -1
debug1: identity file /home/pi/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/pi/.ssh/id_ed25519 type -1
debug1: identity file /home/pi/.ssh/id_ed25519-cert type -1
debug1: identity file /home/pi/.ssh/id_xmss type -1
debug1: identity file /home/pi/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Raspbian-10+deb9u7
debug1: match: OpenSSH_7.4p1 Raspbian-10+deb9u7 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 10.10.10.5:22 as 'pi'
debug3: hostkeys_foreach: reading file "/home/pi/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/pi/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.10.10.5
debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: [email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[email protected],[email protected],[email protected],[email protected],ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected],zlib
debug2: compression stoc: none,[email protected],zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected]
debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,[email protected]
debug2: compression stoc: none,[email protected]
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:3jpMhHMt9SbH1sv9XDxKm+f/ONgSf3BhpjNAHn41dqc
debug3: hostkeys_foreach: reading file "/home/pi/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /home/pi/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 10.10.10.5
debug1: Host '10.10.10.5' is known and matches the ECDSA host key.
debug1: Found key in /home/pi/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /home/pi/.ssh/id_rsa RSA SHA256:PtWlqIMMnTLjjxDnqoVlfumTiemrv93ksoT92Jp1Qj0
debug1: Will attempt key: /home/pi/.ssh/id_dsa
debug1: Will attempt key: /home/pi/.ssh/id_ecdsa
debug1: Will attempt key: /home/pi/.ssh/id_ed25519
debug1: Will attempt key: /home/pi/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/pi/.ssh/id_rsa RSA SHA256:PtWlqIMMnTLjjxDnqoVlfumTiemrv93ksoT92Jp1Qj0
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /home/pi/.ssh/id_rsa RSA SHA256:PtWlqIMMnTLjjxDnqoVlfumTiemrv93ksoT92Jp1Qj0
debug3: sign_and_send_pubkey: RSA SHA256:PtWlqIMMnTLjjxDnqoVlfumTiemrv93ksoT92Jp1Qj0
debug3: sign_and_send_pubkey: signing using ssh-rsa
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 10.10.10.5 ([10.10.10.5]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting [email protected]
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug3: receive packet: type 91
debug2: channel_input_open_confirmation: channel 0: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug2: client_session2_setup: id 0
debug2: channel 0: request pty-req confirm 1
debug3: send packet: type 98
debug1: Sending environment.
debug3: Ignored env SHELL
debug3: Ignored env NO_AT_BRIDGE
debug3: Ignored env PWD
debug3: Ignored env LOGNAME
debug3: Ignored env XDG_SESSION_TYPE
debug3: Ignored env HOME
debug1: Sending env LANG = en_GB.UTF-8
debug2: channel 0: request env confirm 0
debug3: send packet: type 98
debug3: Ignored env LS_COLORS
debug3: Ignored env SSH_CONNECTION
debug3: Ignored env XDG_SESSION_CLASS
debug3: Ignored env TERM
debug3: Ignored env USER
debug3: Ignored env SHLVL
debug3: Ignored env GS_INSTALL
debug3: Ignored env XDG_SESSION_ID
debug3: Ignored env XDG_RUNTIME_DIR
debug3: Ignored env SSH_CLIENT
debug3: Ignored env PATH
debug3: Ignored env MAIL
debug3: Ignored env SSH_TTY
debug3: Ignored env TEXTDOMAIN
debug3: Ignored env _
debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
Linux blackholedns 4.19.66+ #1253 Thu Aug 15 11:37:30 BST 2019 armv6l
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Fri Jun 25 12:17:24 2021 from 10.10.10.40
어떤 지침이라도 대단히 감사하겠습니다.
업데이트: .profile 또는 .bash_profile에 더 이상 존재하지 않는 파일에 대한 참조를 확인하십시오. 파일에 awk, grep, sed와 같은 항목에 대한 참조가 표시되지 않습니다.
. 윤곽
pi@blackholedns:~ $ cat .profile
# ~/.profile: executed by the command interpreter for login shells.
# This file is not read by bash(1), if ~/.bash_profile or ~/.bash_login
# exists.
# see /usr/share/doc/bash/examples/startup-files for examples.
# the files are located in the bash-doc package.
# the default umask is set in /etc/profile; for setting the umask
# for ssh logins, install and configure the libpam-umask package.
#umask 022
set -x
# if running bash
if [ -n "$BASH_VERSION" ]; then
# include .bashrc if it exists
if [ -f "$HOME/.bashrc" ]; then
. "$HOME/.bashrc"
fi
fi
# set PATH so it includes user's private bin if it exists
if [ -d "$HOME/bin" ] ; then
PATH="$HOME/bin:$PATH"
fi
/홈/파이:
pi@blackholedns:~ $ ls -la
total 72
drwxr-xr-x 6 pi pi 4096 Jun 25 13:02 .
drwxr-xr-x 6 root root 4096 Jun 25 11:22 ..
-rw------- 1 pi pi 9465 Jun 25 12:27 .bash_history
-rw-r--r-- 1 pi pi 220 Mar 13 2018 .bash_logout
-rw-r--r-- 1 pi pi 3523 Dec 12 2020 .bashrc
-rw-r--r-- 1 pi pi 3523 Mar 13 2018 .bashrc.old
drwxr-xr-x 2 pi pi 4096 May 2 2018 .nano
-rw-r--r-- 1 pi pi 682 Jun 25 12:59 .profile
-rw-r--r-- 1 pi pi 675 Mar 13 2018 .profile.old
-rw-r--r-- 1 root root 12288 Jun 25 12:51 .profile.swp
drwx------ 2 pi pi 4096 Jan 21 2019 .rapid7_tmp
-rw-r--r-- 1 pi pi 0 May 2 2018 .selected_editor
drwxrwxrwx 2 pi pi 4096 Dec 18 2019 .splunk
drwx------ 2 pi pi 4096 Dec 11 2020 .ssh
-rw-r--r-- 1 pi pi 171 Oct 11 2019 .wget-hsts
출력에서 참조된 .bashrc는 2020년 12월에 /etc/skel에서 복원되었습니다. 지난번에는 이 문제를 직접 해결하려고 했습니다.
업데이트: .profile 결과에 대한 추적 설정:
pi@blackholedns:~ $ bash .profile
+ '[' -n '4.4.12(1)-release' ']'
+ '[' -f /home/pi/.bashrc ']'
+ . /home/pi/.bashrc
++ case $- in
++ return
+ '[' -d /home/pi/bin ']'
+ PATH=/home/pi/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games
pi@blackholedns:~ $
프롬프트로 돌아온 이후로 .profile이 끊기지 않았다고 생각했습니다.
업데이트: /etc/profile의 내용 요청
-bash-4.4$ cat /etc/profile
# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
export SPLUNK_HOME=/opt/splunkforwarder
source /etc/profile
echo $SPLUNK_HOME
if [ "`id -u`" -eq 0 ]; then
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
else
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games"
fi
export PATH
if [ "${PS1-}" ]; then
if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then
# The file bash.bashrc already sets the default PS1.
# PS1='\h:\w\$ '
if [ -f /etc/bash.bashrc ]; then
. /etc/bash.bashrc
fi
else
if [ "`id -u`" -eq 0 ]; then
PS1='# '
else
PS1='$ '
fi
fi
fi
if [ -d /etc/profile.d ]; then
for i in /etc/profile.d/*.sh; do
if [ -r $i ]; then
. $i
fi
done
unset i
fi
답변1
체인에 있는 모든 사람의 도움으로 /etc/profile.conf의 구성 문제라는 것을 발견했습니다.
-bash-4.4$ cat /etc/profile
# /etc/profile: system-wide .profile file for the Bourne shell (sh(1))
# and Bourne compatible shells (bash(1), ksh(1), ash(1), ...).
export SPLUNK_HOME=/opt/splunkforwarder
source /etc/profile
echo $SPLUNK_HOME
if [ "`id -u`" -eq 0 ]; then
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
else
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/games:/usr/games"
fi
export PATH
if [ "${PS1-}" ]; then
if [ "${BASH-}" ] && [ "$BASH" != "/bin/sh" ]; then
# The file bash.bashrc already sets the default PS1.
# PS1='\h:\w\$ '
if [ -f /etc/bash.bashrc ]; then
. /etc/bash.bashrc
fi
else
if [ "`id -u`" -eq 0 ]; then
PS1='# '
else
PS1='$ '
fi
fi
fi
if [ -d /etc/profile.d ]; then
for i in /etc/profile.d/*.sh; do
if [ -r $i ]; then
. $i
fi
done
unset i
fi
구체적으로는 다음 줄인 것 같습니다: source /etc/profile
아직 완전한 세부 정보는 없지만 splunk 특정 줄을 주석 처리했습니다.
#export SPLUNK_HOME=/opt/splunkforwarder
#source /etc/profile
#echo $SPLUNK_HOME
모든 사용자에 대해 문제가 즉시 해결되었습니다.
모두에게 감사드립니다. 저는 이 플랫폼에 대해 아직 많은 것을 배우는 중이므로 /etc/profile을 절대 보지 않을 것입니다. 이 문제는 Splunk UF를 팔에 설치하는 방법에 대한 가이드를 따르다가 사용자가 직접 발생했을 수 있습니다. (이전에는 이런 일을 해본 적이 없습니다)
Splunk Forwarder는 이 구성 없이도 계속 작동할 수 있습니다.