Shulou(Shulou.com)06/01 Report--

This article mainly introduces how to solve the problem of SSH connection debugging, has a certain reference value, interested friends can refer to, I hope you can learn a lot after reading this article, let the editor take you to understand it.

SSH is a security protocol designed for remote login sessions and other network services. The use of SSH protocol can effectively prevent information leakage in the process of remote management. In the current production environment operation and maintenance work, most enterprises generally use SSH protocol services to replace the traditional insecure remote online service software, such as telnet (23 ports, non-encrypted) and so on.

Problem 1: the SSH service is not running

A common cause of SSH connection errors is that the service is not running on a remote server. This may be caused by an unexpected shutdown of the service or the failure to start the service after the system restarts.

To check if the SSH service is running, run the following command:

[root@server1 ~] # systemctl status sshd solution

Use the following command to set up the SSH service boot and start the service:

[root@server1 ~] # systemctl enable sshd [root@server1 ~] # systemctl start sshd question 2: SSH on non-standard ports

The second common problem when debugging SSH connections is using non-standard ports. If SSH is running on a port other than the default port 22, you will not be able to connect to the remote host unless you explicitly specify the port on which SSH is running.

To view the port on which SSH is running, use a tool such as netstat, as follows:

[root@clean-idea-1 ~] # netstat-tlunp | grep sshdtcp 0 0 0.0.0.0 grep sshdtcp 28159 0.0.0.0 LISTEN 818/sshd tcp6 0 0:: 28159:: * LISTEN 818/sshd

The output above shows the port on which the SSH service is running. In this case, it is port 28159.

Solution method

The port is not the default 22:00, so you need to specify a port to connect:

[root@server1 ~] # ssh root@192.168.43.131-p 28159 question 3: Port occupied

Another reason for SSH connection errors is whether other services or processes also use the same port as the SSH service. For example, if the port number of SSH is 80, which conflicts with the port of the http service, a service like Apache may be using the same port.

To see if other processes are using the same port as SSH, check the log using the following command:

[root@server1] # journalctl-t sshd

The command should return an error similar to the one shown below, indicating that the port is occupied.

Solution method

Here you can change the port number of ssh, open the configuration file and change the port to something else, Port 2222

Vim / etc/ssh/sshd_configPort 2222 problem 4: blocked by firewall

If you have tried all of the above and are still unable to establish a SSH connection, you can see if the firewall is blocking the connection?

Solution method

In Cetnos8, use fireawlld to view the firewall and add ports to allow:

[root@server1 ~] # firewall-cmd-- list-all [root@server1 ~] # firewall-cmd-- permanent-- add-port=2222/tcpsuccess [root@server1 ~] # firewall-cmd-- reloadsuccess question 5: password login has been disabled

Sometimes, you can configure SSH not to accept password logins, but only to use public key authentication. If the public key is not available on the server or the private key pair is missing, it may cause the problem of not being able to log in.

Solution method

To check if the / etc/ssh/sshd_config configuration file allows password login, set the ssh configuration to the following:

[root@server1] # grep PasswordAuthentication / etc/ssh/sshd_config#PasswordAuthentication yesPasswordAuthentication yes# PasswordAuthentication. Depending on your PAM configuration,# PAM authentication, then enable this but set PasswordAuthentication

The output above shows that the password is allowed to log in.

Thank you for reading this article carefully. I hope the article "how to solve the debugging problem of SSH connection" shared by the editor will be helpful to everyone. At the same time, I also hope that you will support us and pay attention to the industry information channel. More related knowledge is waiting for you to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.