SSH connection failure cases

Case 1: Read from socket failed: Connection reset by peer

(1) Symptom

[root@vm08 ~]# ssh 192.168.10.1  
Read from socket failed: Connection reset by peer

(2) Analysis
After restarting the sshd service, the status output shows the following:

[root@vm08 ~]# service sshd restart
Redirecting to /bin/systemctl restart  sshd.service
[root@vm08 ~]# service sshd status
Redirecting to /bin/systemctl status  sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 2019-01-01 11:37:45 CST; 5s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
 Main PID: 15252 (sshd)
   CGroup: /system.slice/sshd.service
           ├─14995 sshd: root@pts/0
           ├─14997 -bash
           ├─15252 /usr/sbin/sshd -D
           └─15253 /bin/systemctl status sshd.service

Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@...@@@
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: @         WARNING: UNPROTECTED PRIVATE KEY FILE! ...  @
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@...@@@
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: Permissions 0640 for '/etc/ssh/ssh_host_ed25519_k...en.
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: It is required that your private key files are NO...rs.
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: This private key will be ignored.
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: bad permissions: ignore key: /etc/ssh/ssh_host_ed...key
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: Could not load host key: /etc/ssh/ssh_host_ed25519_key
Jan 01 11:37:45 paas-rds-database-cd60 sshd[15252]: Server listening on :: port 22.
Hint: Some lines were ellipsized, use -l to show in full.

The log /var/log/messages contains the following:

Jan  1 11:37:45 localhost sshd: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Jan  1 11:37:45 localhost sshd: @         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
Jan  1 11:37:45 localhost sshd: @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Jan  1 11:37:45 localhost sshd: Permissions 0640 for '/etc/ssh/ssh_host_ecdsa_key' are too open.
Jan  1 11:37:45 localhost sshd: It is required that your private key files are NOT accessible by others.
Jan  1 11:37:45 localhost sshd: This private key will be ignored.
Jan  1 11:37:45 localhost sshd: bad permissions: ignore key: /etc/ssh/ssh_host_ecdsa_key
Jan  1 11:37:45 localhost sshd: Could not load host key: /etc/ssh/ssh_host_ecdsa_key

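(3) Solution
The log shows that the permissions on /etc/ssh/ssh_host_ecdsa_key are too open, and that is what causes this problem. The fix is to tighten the permissions on the key files under the ssh directory and then restart the sshd service.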

chmod 600 /etc/ssh/*key*
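
The following is an added example, not part of the original post: it lists the private host keys that carry any group or other permission bit (the condition the "Permissions 0640 ... are too open" message reports) and then sets private keys to 0600 while leaving public keys at 0644. The function names audit_host_keys and fix_host_keys are hypothetical, GNU stat is assumed, and the demo runs against a constructed scratch directory rather than /etc/ssh.

```shell
#!/bin/sh
# Added example (not from the original post). Assumes GNU stat (stat -c).

# Print "MODE PATH" for each private host key under $1 that has any
# group/other permission bit set, i.e. the keys sshd reports as "too open".
audit_host_keys() {
    dir=${1:-/etc/ssh}
    for key in "$dir"/ssh_host_*_key; do
        [ -f "$key" ] || continue            # glob matched nothing
        mode=$(stat -c '%a' "$key")          # octal mode, e.g. 640
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            printf '%s %s\n' "$mode" "$key"
        fi
    done
}

# Set private host keys to 0600 and their public halves to 0644.
fix_host_keys() {
    dir=${1:-/etc/ssh}
    for key in "$dir"/ssh_host_*_key; do
        [ -f "$key" ] || continue
        chmod 600 "$key"
        if [ -f "$key.pub" ]; then chmod 644 "$key.pub"; fi
    done
}

# Constructed demo: a scratch directory standing in for /etc/ssh.
demo=$(mktemp -d)
: > "$demo/ssh_host_ecdsa_key"; chmod 640 "$demo/ssh_host_ecdsa_key"
: > "$demo/ssh_host_rsa_key";   chmod 600 "$demo/ssh_host_rsa_key"
echo "before fix:"; audit_host_keys "$demo"   # only the 0640 key is listed
fix_host_keys "$demo"
echo "after fix:";  audit_host_keys "$demo"   # nothing is listed
rm -rf "$demo"
```

On a real host, call fix_host_keys with no argument as root and then restart sshd, as in the step above.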

(4) Other
The following situations can also occur:
(1) The key files under /etc/ssh do not exist. The fix is to regenerate them:

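# -N '' sets an empty passphrase; sshd cannot load a passphrase-protected host key
ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key
ssh-keygen -t dsa -N '' -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t ecdsa -N '' -f /etc/ssh/ssh_host_ecdsa_key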

Case 2: ssh_exchange_identification: read: Connection reset by peer

[To be added]
