![네트워크 스캐너의 SSH/Sftp 설정 중 SSH "XXX [preauth]에 의해 연결이 닫혔습니다."](https://linux55.com/image/210033/%EB%84%A4%ED%8A%B8%EC%9B%8C%ED%81%AC%20%EC%8A%A4%EC%BA%90%EB%84%88%EC%9D%98%20SSH%2FSftp%20%EC%84%A4%EC%A0%95%20%EC%A4%91%20SSH%20%22XXX%20%5Bpreauth%5D%EC%97%90%20%EC%9D%98%ED%95%B4%20%EC%97%B0%EA%B2%B0%EC%9D%B4%20%EB%8B%AB%ED%98%94%EC%8A%B5%EB%8B%88%EB%8B%A4.%22.png)
내 로컬 LAN에서 네트워크 검색을 위해 sftp 공유 설정을 시도했는데 ssh랩탑 에 sftp연결할 때 예상대로 작동했습니다 .
이상하게도 네트워크 스캐너에 대한 연결을 설정하려고 할 때 스캐너의 웹 관리 도구에 "인증 오류"라는 오류 메시지가 나타납니다. 확인 후 찾아보니192.168.178.44 포트 52786 [preauth]에 의해 연결이 종료되었습니다.SSH 서버 로그에.
로그는 키 교환에 대한 메시지로 가득 차 있으므로 클라이언트가 특이한 키 유형을 사용하고 있다고 가정하지만 이에 대한 지식은 제한적입니다. sshd_config를 편집하여 서버 측에서 연결을 활성화하는 방법이 있습니까? 보안에 미치는 영향은 무엇입니까? 특히 일반 FTP와 비교하면 더욱 그렇습니다.
내 SSH 서버 구성은 거의 기본값입니다. 저는 RaspberryPi(192.168.178.100)의 포트 2022에서 openssh를 실행하고 있습니다.
journalctl -xe네트워크 스캐너(192.168.178.44, Brother ADS-4300N)에서 연결을 시도할 때 추가 로그:
Aug 29 20:41:42 Nas sshd[6319]: Connection from 192.168.178.44 port 52786 on 192.168.178.100 port 2022 rdomain ""
Aug 29 20:41:42 Nas sshd[6319]: debug1: Local version string SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u1
Aug 29 20:41:42 Nas sshd[6319]: debug1: Remote protocol version 2.0, remote software version libssh2_1.9.0
Aug 29 20:41:42 Nas sshd[6319]: debug1: no match: libssh2_1.9.0
Aug 29 20:41:42 Nas sshd[6319]: debug2: fd 4 setting O_NONBLOCK
Aug 29 20:41:42 Nas sshd[6319]: debug3: ssh_sandbox_init: preparing seccomp filter sandbox
Aug 29 20:41:42 Nas sshd[6319]: debug2: Network child is on pid 6320
Aug 29 20:41:42 Nas sshd[6319]: debug3: preauth child monitor started
Aug 29 20:41:42 Nas sshd[6319]: debug3: privsep user:group 107:65534 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: permanently_set_uid: 107/65534 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: list_hostkey_types: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: send packet: type 20 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: SSH2_MSG_KEXINIT sent [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: receive packet: type 20 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: SSH2_MSG_KEXINIT received [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: local server KEXINIT proposal [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: KEX algorithms: curve25519-sha256,[email protected],ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: ciphers ctos: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: ciphers stoc: [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected] [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: MACs ctos: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: MACs stoc: [email protected],[email protected],[email protected],[email protected],[email protected],[email protected],[email protected],hmac-sha2-256,hmac-sha2-512,hmac-sha1 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: compression ctos: none,[email protected] [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: compression stoc: none,[email protected] [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: languages ctos: [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: languages stoc: [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: first_kex_follows 0 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: reserved 0 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: peer client KEXINIT proposal [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: KEX algorithms: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,curve25519-sha256,[email protected],diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: host key algorithms: ssh-rsa [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,[email protected],aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,aes256-cbc,[email protected],aes192-cbc,aes128-cbc,blowfish-cbc,arcfour128,arcfour,cast128-cbc,3des-cbc [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,[email protected] [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,hmac-ripemd160,[email protected] [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: compression ctos: none [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: compression stoc: none [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: languages ctos: [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: languages stoc: [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: first_kex_follows 0 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: reserved 0 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: kex: algorithm: ecdh-sha2-nistp256 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: kex: host key algorithm: ssh-rsa [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: receive packet: type 30 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_sshkey_sign entering [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_request_send entering: type 6 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_request_receive_expect entering: type 7 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_request_receive entering [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_request_receive entering
Aug 29 20:41:42 Nas sshd[6319]: debug3: monitor_read: checking request 6
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_answer_sign
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_answer_sign: KEX signature 0x152b3b8(399)
Aug 29 20:41:42 Nas sshd[6319]: debug3: mm_request_send entering: type 7
Aug 29 20:41:42 Nas sshd[6319]: debug2: monitor_read: 6 used once, disabling now
Aug 29 20:41:42 Nas sshd[6319]: debug3: send packet: type 31 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: send packet: type 21 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: set_newkeys: mode 1 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: rekey out after 4294967296 blocks [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: SSH2_MSG_NEWKEYS sent [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: expecting SSH2_MSG_NEWKEYS [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: receive packet: type 21 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: SSH2_MSG_NEWKEYS received [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug2: set_newkeys: mode 0 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: rekey in after 4294967296 blocks [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug1: KEX done [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: receive packet: type 5 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: debug3: send packet: type 6 [preauth]
Aug 29 20:41:42 Nas sshd[6319]: Connection closed by 192.168.178.44 port 52786 [preauth]