【发布时间】:2015-04-11 00:07:08
【问题描述】:
我正在使用 SSH 端口转发命令,
ssh -L 12776:localhost:12776 root@suvhost.com
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'i-9b267152.workdaysuv.com' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-keyex
debug1: No valid Key exchange context
debug1: Next authentication method: gssapi-with-mic
Address 54.68.124.102 maps to ec2-54-68-124-102.us-west-2.compute.amazonaws.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found
debug1: Unspecified GSS failure. Minor code may provide more information
debug1: Unspecified GSS failure. Minor code may provide more information
Credentials cache file '/tmp/krb5cc_0' not found
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Offering public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 277
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: Local connections to LOCALHOST:12776 forwarded to remote address localhost:12776
debug1: Local forwarding listening on ::1 port 12776.
bind: Address already in use
debug1: Local forwarding listening on 127.0.0.1 port 12776.
bind: Address already in use
channel_setup_fwd_listener: cannot listen to port: 12776
Could not request local forwarding.
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Mon Apr 13 17:07:19 2015 from 54.68.124.102
我收到以下错误
地址 54.187.51.48 映射到 ec2-54-187-51-48.us-west-2.compute.amazonaws.com 但这不会映射回地址 - 可能是闯入尝试!
我还尝试清理本地主机和服务器的 ~/.ssh/known_hosts 文件并重新执行它,但没有运气。请问这方面有什么建议吗?
【问题讨论】:
-
您可以尝试使用详细输出 (-v) 的命令并将该输出包含在您的问题中吗?
-
该消息与端口转发没有任何关系。 ssh 只是在抱怨您要连接的远程服务器的 DNS 条目。
-
@GaZ 在我的问题中添加了详细输出
-
一方面,端口 12776 似乎已在本地使用,因此 ssh 无法绑定到该端口。什么已经在使用该端口?第二件事:您的 .ssh 文件夹 (/root/.ssh/) 的权限是什么?顺便说一句,以 root 身份执行所有这些操作是一个非常糟糕的主意。创建一个合适的用户并使用它。见superuser.com/questions/218379/why-is-it-bad-to-run-as-root
标签: linux ssh portforwarding hosts reverse-dns