SSH 서버는 Centos 7을 실행 중이며 Putty를 통해 Windows 10에서 연결합니다.
몇 가지 VPN 설정을 알아내야 했기 때문에 다수의 SSH 터널(약 2000개의 주소:포트 조합)을 설정해야 했습니다. 실제로 작동하려면 ulimit -n 8192
내 프로필에 명령을 추가해야 했습니다( 의 스크립트를 통해 )./etc/profile.d/
사실은 내가가지다가능한 해결책은 sshd 서버를 수동으로 시작하는 것입니다 /usr/sbin/sshd
(실제로 디버깅을 위해 실행했습니다 -ddd
). 문제는 매번 이런 일을 하고 싶지 않다는 것입니다.
/usr/sbin/sshd
내가 하고 있는 일을 복제하기 위해 로 nofiles
승격 하고 .in을 추가하여 활성화 하고 편집해 보았습니다. 분명히 이런 시도를 할 때마다 서비스를 다시 시작하지만 지금까지는 운이 없었습니다./etc/security/limits.conf
8192
UsePAM yes
/etc/ssh/sshd_config
/etc/pam.d/sshd
session required pam_limits.so
sshd
다음은 더 깊은 이해를 돕기 위한 몇 가지 로그입니다.
debug3: mm_request_send entering: type 26 [preauth]
debug3: mm_send_keystate: Finished sending state [preauth]
debug3: mm_request_send entering: type 122 [preauth]
debug3: mm_request_receive_expect entering: type 123 [preauth]
debug3: mm_request_receive entering [preauth]
debug1: monitor_read_log: child log fd closed
debug3: ssh_sandbox_parent_finish: finished
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: ssh_gssapi_storecreds: Not a GSSAPI mechanism
debug1: restore_uid: 0/0
debug1: SELinux support enabled
debug3: sshd_selinux_setup_variables: setting execution context
debug1: PAM: establishing credentials
debug3: PAM: opening session
----- SSHD SERVICE WON'T LOG ANYTHING BELOW THIS, THROWING A "Remote side closed unexpectedly"
ERROR ON CLIENT SIDE. THE FOLLOWING ONLY HAPPENS IF I RUN /usr/sbin/sshd -ddd -----
debug3: PAM: sshpam_store_conv called with 1 messages
debug3: PAM: sshpam_store_conv called with 1 messages
debug3: monitor_apply_keystate: packet_set_state
debug2: set_newkeys: mode 0
debug1: rekey after 4294967296 blocks
debug2: set_newkeys: mode 1
debug1: rekey after 4294967296 blocks
debug1: ssh_packet_set_postauth: called
debug3: ssh_packet_set_state: done
debug3: notify_hostkeys: key 0: ssh-rsa SHA256:AEtENG9MRdKc/NfzGmydDXE/ZSC9m/qIgyLoCpnFi8U
debug3: notify_hostkeys: key 1: ecdsa-sha2-nistp256 SHA256:xyJC+3p5j0bvYmp64A3s6oryCFIPe8PIP9jWQtjNTxk
debug3: notify_hostkeys: key 2: ssh-ed25519 SHA256:XsT2mEz/PUObqWI4+5fLE8gpyhqKXf7ij0/peOhF+WI
debug3: notify_hostkeys: sent 3 hostkeys
debug3: send packet: type 80
debug1: Entering interactive session for SSH2.
debug2: fd 5 setting O_NONBLOCK
debug2: fd 6 setting O_NONBLOCK
debug1: server_init_dispatch
----- THEN IT BEGINS ALL THE TUNNEL FORWARDING PART, REPEATING
THE FOLLOWING BLOCK OF LOGS FOR EACH ADDRESS/PORT COMBINATION -----
debug3: receive packet: type 80
debug1: server_input_global_request: rtype tcpip-forward want_reply 1
debug1: server_input_global_request: tcpip-forward listen port <NUMBER-OF-PORT>
debug3: channel_setup_fwd_listener_tcpip: type 11 wildcard 0 addr NULL
debug3: sock_set_v6only: set socket 8 IPV6_V6ONLY
debug1: Local forwarding listening on ::1 port <NUMBER-OF-PORT>.
debug2: fd 8 setting O_NONBLOCK
debug3: fd 8 is O_NONBLOCK
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port <NUMBER-OF-PORT>.
debug2: fd 9 setting O_NONBLOCK
debug3: fd 9 is O_NONBLOCK
debug1: channel 1: new [port listener]
debug3: send packet: type 81
----- AND FINALLY, AFTER ALL THE PORTS -----
debug3: receive packet: type 90
debug1: server_input_channel_open: ctype session rchan 256 win 16384 max 16384
debug1: input_session_request
debug1: channel 7142: new [server-session]
debug2: session_new: allocate (allocated 0 max 10)
debug3: session_unused: session id 0 unused
debug1: session_new: session 0
debug1: session_open: channel 7142
debug1: session_open: session 0: link with channel 7142
debug1: server_input_channel_open: confirm session
debug3: send packet: type 91
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 7142 request pty-req reply 1
debug1: session_by_channel: session 0 channel 7142
debug1: session_input_channel_req: session 0 req pty-req
debug1: Allocating pty.
debug1: session_pty_req: session 0 alloc /dev/pts/13
debug1: SELinux support enabled
debug3: ssh_selinux_setup_pty: setting TTY context on /dev/pts/13
debug3: ssh_selinux_setup_pty: done
debug3: send packet: type 99
debug3: receive packet: type 98
debug1: server_input_channel_req: channel 7142 request shell reply 1
debug1: session_by_channel: session 0 channel 7142
debug1: session_input_channel_req: session 0 req shell
Starting session: shell on pts/13 for root from 192.168.1.7 port 54369 id 0
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x10
debug2: channel 7142: rfd 7154 isatty
debug2: fd 7154 setting O_NONBLOCK
debug3: fd 7150 is O_NONBLOCK
debug3: send packet: type 99
debug1: Setting controlling tty using TIOCSCTTY.
이 서비스를 사용하여 동일한 목표를 어떻게 달성할 수 있습니까 sshd
?