ssh의 점프 호스트 옵션을 활용하려고 하는데 어떤 이유로 작동하지 않고 다음과 같은 결과를 얻습니다.
$ ssh -J user1@host1 user2@target
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
$ ssh -J user1@host1:22 user2@target:22
channel 0: open failed: connect failed: Name or service not known
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
이유를 알고 싶습니다. 사용자 랩톱에서 ssh를 통해 호스트 1에 로그인한 다음 호스트 1에서 대상에 로그인할 수 있습니다. 키도 모두 설정했어요. 혼란스러워요. 제가 무엇을 놓치고 있나요?
이것을 추가한 후 -v다음을 관찰할 수 있습니다.
debug1: kex_exchange_identification: banner line 39: \033[?25h\033[?7hSSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
debug1: channel 0: free: direct-tcpip: listening port 0 for target port 22, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
Killed by signal 1.
LAN의 다른 호스트에서는 제대로 연결할 수 있지만 target이 ssh -J user1@host1 user2@target호스트만 연결할 수 없는 것 같습니다.
줄을 로 변경하면 ssh -J user1@host1:22 user2@target:22 -v다음과 같은 결과가 나타납니다.
debug1: client_input_hostkeys: no new or deprecated keys from server
debug1: Remote: /home/user1/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /home/user1/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
channel 0: open failed: connect failed: Name or service not known
stdio forwarding failed
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535
무엇을 하려는 걸까요 port 65535? 또한 ssh를 통해 액세스하여 host1다음을 수행했습니다.
netcat target 22
SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
touch ~/.hushlogin더 많은 s를 추가 -v하고 추가한 후에 -vvv우리는 얻습니다.
debug2: channel 0: open confirm rwindow 2097152 rmax 32768
debug1: kex_exchange_identification: banner line 39: \033[?25h\033[?7hSSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format
debug3: send packet: type 1
debug1: channel 0: free: direct-tcpip: listening port 0 for ghnvm port 22, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536, nchannels 1
debug3: channel 0: status: The following connections are open:
#0 direct-tcpip: listening port 0 for ghnvm port 22, connect from 127.0.0.1 port 65535 to UNKNOWN port 65536 (t4 r0 i0/0 o0/0 e[closed]/0 fd 4/5/-1 sock -1 cc -1)
debug1: fd 0 clearing O_NONBLOCK
debug3: fd 1 is not O_NONBLOCK
Killed by signal 1.
심지어 ssh -oProxyCommand='ssh -p22 user1@host1 -W %h:%p' -p22 user2@target반환됩니다:
kex_exchange_identification: banner line contains invalid characters
banner exchange: Connection to UNKNOWN port 65535: invalid format