Linux
SSH 伺服器拒絕來自同一個客戶端的多個連接
我有一個在 Alpine Linux 3.15 Docker 容器中執行的簡單 openssh 伺服器,以及另一個容器,也執行相同版本的 Alpine 的 SSH 伺服器)執行帶有 dwm 的 X 伺服器
我正在
st
使用以下命令從 X 伺服器連接到 SSH 伺服器(並正在執行):ssh -v -t client@172.13.0.2 st
SSH 伺服器正在使用以下命令執行:
/usr/bin/sshd -D -d -e
$DISPLAY
變數設置為ssh:10
(作為ssh
SSH 伺服器主機名)客戶端能夠通過從伺服器到客戶端顯示的 X11 轉發打開圖形應用程序( ),問題是在收到以下錯誤之前
st
我只能打開單個實例:st
ssh: connect to host 172.17.0.2 port 22: Connection refused
伺服器端日誌:
Starting session: command on pts/1 for client from 172.17.0.3 port 34060 id 0 debug1: Setting controlling tty using TIOCSCTTY. debug1: X11 connection requested. debug1: channel 3: new [X11 connection from 172.17.0.2 port 35028] debug1: Received SIGCHLD. debug1: session_by_pid: pid 9 debug1: session_exit_message: session 0 channel 0 pid 9 debug1: session_exit_message: release channel 0 debug1: session_by_tty: session 0 tty /dev/pts/1 debug1: session_pty_cleanup2: session 0 release /dev/pts/1 debug1: channel 3: free: X11 connection from 172.17.0.2 port 35028, nchannels 4 debug1: session_by_channel: session 0 channel 0 debug1: session_close_by_channel: channel 0 child 0 debug1: session_close_x11: detach x11 channel 1 debug1: session_close_x11: detach x11 channel 2 Close session: user client from 172.17.0.3 port 34060 id 0 debug1: channel 0: free: server-session, nchannels 3 debug1: channel 1: free: X11 inet listener, nchannels 2 debug1: channel 2: free: X11 inet listener, nchannels 1 Received disconnect from 172.17.0.3 port 34060:11: disconnected by user Disconnected from user client 172.17.0.3 port 34060 debug1: do_cleanup debug1: do_cleanup
客戶端日誌:
Running /usr/bin/xauth remove ssh:10.0 /usr/bin/xauth add ssh:10.0 MIT-MAGIC-COOKIE-1 49907415ff518044198f6f0075f270fe debug1: client_input_channel_open: ctype x11 rchan 3 win 65536 max 16384 debug1: client_request_x11: request from 172.17.0.2 35028 debug1: channel 1: new [x11] debug1: confirm x11 OpenSSH_8.8p1, OpenSSL 1.1.1l 24 Aug 2021 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling debug1: Connecting to 172.17.0.2 [172.17.0.2] port 22. debug1: connect to address 172.17.0.2 port 22: Connection refused ssh: connect to host 172.17.0.2 port 22: Connection refused xinit: connection to X server lost waiting for X server to shut down debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0 debug1: channel 1: free: x11, nchannels 2 X connection to ssh:10.0 broken (explicit kill or server shutdown). debug1: channel 0: free: client-session, nchannels 1 Connection to 172.17.0.2 closed. Transferred: sent 91292, received 92728 bytes, in 3.1 seconds Bytes per second: sent 29350.8, received 29812.5 debug1: Exit status 1 (II) Server terminated successfully (0). Closing log file. deallocvt: can't open console
你說你正在
sshd
使用這個命令執行:/usr/bin/sshd -D -d -e
“ -d”選項用於調試。它有這樣的效果:
調試模式。伺服器將詳細的調試輸出發送到標準錯誤,並且不會將自己置於後台。伺服器也不會 fork(2) 並且只會處理一個連接。此選項僅用於調試伺服器。多個 -d 選項可提高調試級別。最大值為 3。
您描述的行為,其中 sshd 只接受一個連接,然後不再接受,這正是您期望在“-d”選項生效時看到的。
如果您想獲得與現在相同的行為,只需
sshd
處理多個連接,應該這樣做:/usr/bin/sshd -D -e -o LogLevel=DEBUG1
- “ -D”選項使 sshd 在前台執行。
- “-e”將日誌消息定向到 sshd 的標準錯誤。
- “-o LogLevel=DEBUG1”啟用 debug1 級別的日誌記錄。