ssh 只有一種方式

我有兩台電腦，一台執行Debian GNU/Linux 9，另一台執行Ubuntu 18.04.1 LTS。我在兩台電腦上都安裝了 openssh。

sudo apt install openssh-client
sudo apt install openssh-server

現在，我可以使用 ssh 從 Debian 連接到 Ubuntu，但不能從 Ubuntu 連接到 Debian。

在 Debian 電腦上

nmap localhost

輸出：

Starting Nmap 7.40 ( https://nmap.org ) at 2019-01-24 14:39 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.00010s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 999 closed ports
PORT   STATE SERVICE
22/tcp open  ssh

Nmap done: 1 IP address (1 host up) scanned in 0.04 seconds

我也試過跑步

sudo ufw allow ssh

在 Debian 電腦上。

我應該怎麼做才能從另一台電腦訪問任何一台電腦？

---

根據評論編輯

netstat -l在 debian 伺服器上執行輸出：

b1012@debian:~$ netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 localhost:5939          0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:ssh             0.0.0.0:*               LISTEN     
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN     
udp        0      0 0.0.0.0:mdns            0.0.0.0:*                          
udp        0      0 0.0.0.0:40272           0.0.0.0:*                          
udp        0      0 0.0.0.0:57967           0.0.0.0:*                          
udp        0      0 0.0.0.0:bootpc          0.0.0.0:*                          
udp6       0      0 [::]:mdns               [::]:*                             
udp6       0      0 [::]:41052              [::]:*                             
raw6       0      0 [::]:ipv6-icmp          [::]:*                  7          
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node   Path
unix  2      [ ACC ]     STREAM     LISTENING     19723    /run/user/1000/pulse/native
unix  2      [ ACC ]     STREAM     LISTENING     15627    /run/uuidd/request
unix  2      [ ACC ]     STREAM     LISTENING     15630    /var/run/avahi-daemon/socket
unix  2      [ ACC ]     STREAM     LISTENING     15633    /var/run/dbus/system_bus_socket
unix  2      [ ACC ]     STREAM     LISTENING     16129    /tmp/ssh-AYHltf8zzAuv/agent.600
unix  2      [ ACC ]     STREAM     LISTENING     16960    /tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     18495    /tmp/.ICE-unix/600
unix  2      [ ACC ]     STREAM     LISTENING     17542    @/tmp/dbus-0nAe1Vft
unix  2      [ ACC ]     STREAM     LISTENING     16959    @/tmp/.X11-unix/X0
unix  2      [ ACC ]     STREAM     LISTENING     14138    @/tmp/dbus-kLaALJuH
unix  2      [ ACC ]     STREAM     LISTENING     18494    @/tmp/.ICE-unix/600
unix  2      [ ACC ]     STREAM     LISTENING     14179    /run/user/1000/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     14184    /run/user/1000/gnupg/S.gpg-agent.browser
unix  2      [ ACC ]     STREAM     LISTENING     14187    /run/user/1000/bus
unix  2      [ ACC ]     STREAM     LISTENING     14189    /run/user/1000/gnupg/S.gpg-agent
unix  2      [ ACC ]     STREAM     LISTENING     14191    /run/user/1000/gnupg/S.gpg-agent.extra
unix  2      [ ACC ]     STREAM     LISTENING     14193    /run/user/1000/gnupg/S.gpg-agent.ssh
unix  2      [ ACC ]     STREAM     LISTENING     17539    /run/user/1000/keyring/control
unix  2      [ ACC ]     SEQPACKET  LISTENING     1427     /run/udev/control
unix  2      [ ACC ]     STREAM     LISTENING     14139    @/tmp/dbus-kLVeQt6a
unix  2      [ ACC ]     STREAM     LISTENING     17311    /run/user/1000/keyring/ssh
unix  2      [ ACC ]     STREAM     LISTENING     17313    /run/user/1000/keyring/pkcs11
unix  2      [ ACC ]     STREAM     LISTENING     9634     /run/systemd/private
unix  2      [ ACC ]     STREAM     LISTENING     9648     /run/systemd/journal/stdout
unix  2      [ ACC ]     STREAM     LISTENING     9653     /run/systemd/fsck.progress
unix  2      [ ACC ]     STREAM     LISTENING     17541    @/tmp/dbus-yMrL8O3f
unix  2      [ ACC ]     STREAM     LISTENING     18465    @/tmp/dbus-stZvWk5V9a
unix  2      [ ACC ]     STREAM     LISTENING     17404    /var/run/NetworkManager/private-dhcp

connection timed out嘗試連接時，我得到了。

ssh b1012@192.168.0.104 -vvv
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /home/optoscale/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "192.168.0.104" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.0.104 [192.168.0.104] port 22.
debug1: connect to address 192.168.0.104 port 22: Connection timed out
ssh: connect to host 192.168.0.104 port 22: Connection timed out

跑步

b1012@debian:~$ systemctl status ssh.service

輸出：

● ssh.service - OpenBSD Secure Shell server
  Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab
  Active: active (running) since Thu 2019-01-24 13:42:23 CET; 2h 0min ago
 Process: 3594 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCES
 Process: 3589 ExecReload=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 2332 (sshd)
   Tasks: 1 (limit: 4915)
  CGroup: /system.slice/ssh.service
          └─2332 /usr/sbin/sshd -D

你的兩台機器之間有一個 NAT 防火牆。您可以看到這一點，因為您的 Debian 系統的 IP 地址是 192.168.0.24，但 Ubuntu 系統看到相關的入站連接來自 10.20.81.24。

除非您控制和管理此 NAT 防火牆，否則您不可能直接從 Ubuntu 伺服器連接到 Debian 伺服器。（存在各種變通方法，包括autossh在您的 Debian 系統上使用反向隧道執行，或者從 Debian 到 Ubuntu 啟動 OpenVPN。兩者都可以允許以另一種方式重新建立連接。）

引用自：https://unix.stackexchange.com/questions/496464