내 Linux 컴퓨터(Linux Mint 21.1 Cinnamon)에서 tryhackme의 SSH 서버에 연결하는 데 문제가 있습니다. 터미널에 포트 22 연결 시간 초과 오류가 표시됩니다.
터미널 출력은 다음과 같습니다.
~$ ssh -vvv [email protected]
OpenSSH_8.9p1 Ubuntu-3ubuntu0.3, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 10.10.21.145 is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/home/deus-ex/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/home/deus-ex/.ssh/known_hosts2'
debug3: ssh_connect_direct: entering
debug1: Connecting to 10.10.21.145 [10.10.21.145] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x10
debug1: connect to address 10.10.21.145 port 22: Connection timed out
ssh: connect to host 10.10.21.145 port 22: Connection timed out
제한된 기술로 이 문제를 어떻게 해결할 수 있습니까?
- OopenVPN을 올바르게 구성하고
.ovpn
사이트에서 파일을 올바르게 가져왔으며 사이트 액세스 페이지에 연결된 것으로 표시되었습니다. - SSH를 허용
ufw
하고 입력 및 출력 체인을 허용했습니다. SSH 구성 파일을 망쳤습니다( 로ForwardX11
설정 됨yes
,ForwardX11Trusted
로 설정 됨no
).
편집하다:
파일을 로드할 때의 출력은 다음과 같습니다 .ovpn
.
2023-08-03 18:00:14 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-08-03 18:00:14 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-03 18:00:14 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2023-08-03 18:00:14 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2023-08-03 18:00:14 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-08-03 18:00:14 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-08-03 18:00:14 TCP/UDP: Preserving recently used remote address: [AF_INET]18.202.129.195:1194
2023-08-03 18:00:14 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-08-03 18:00:14 UDP link local: (not bound)
2023-08-03 18:00:14 UDP link remote: [AF_INET]18.202.129.195:1194
2023-08-03 18:00:14 TLS: Initial packet from [AF_INET]18.202.129.195:1194, sid=f8b4add2 9b69173d
편집 2: 다음은 각각 ip a 및 ip r의 출력입니다.
~$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether a0:2c:36:6c:c1:8b brd ff:ff:ff:ff:ff:ff
inet 192.168.1.36/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
valid_lft 83529sec preferred_lft 83529sec
inet6 fe80::4d74:a228:6906:4be8/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.8.0.1/24 scope global tun0
valid_lft forever preferred_lft forever
inet6 fe80::444c:446f:76:8869/64 scope link stable-privacy
valid_lft forever preferred_lft forever
4: tun1: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 500
link/none
inet 10.8.154.178/16 scope global tun1
valid_lft forever preferred_lft forever
inet6 fe80::767f:df32:bb7:fbe1/64 scope link stable-privacy
valid_lft forever preferred_lft forever
~$ ip r
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
10.8.0.0/16 dev tun1 proto kernel scope link src 10.8.154.178
10.10.0.0/16 via 10.8.0.1 dev tun0 metric 1000
169.254.0.0/16 dev wlan0 scope link metric 1000
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.36 metric 600
편집 3: ping을 실행한 후 얻은 내용은 다음과 같습니다.
ping -c3 10.10.21.145
PING 10.10.93.154 (10.10.93.154) 56(84) bytes of data.
--- 10.10.93.154 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2043ms
편집 4: 이것은 내 라우팅 테이블입니다.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlan0
10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
10.8.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun1
10.8.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun2
10.10.0.0 10.8.0.1 255.255.0.0 UG 1000 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan0
답변1
무슨 문제인지는 모르겠지만 OpenVpn을 제거하고 관련 파일을 모두 지운 후 다시 설치해서 해결했습니다(재설치해도 안됨).
귀하의 건설적인 피드백과 팁에 감사드립니다.