Ich habe gerade 4 VMs erstellt, die einander sehr ähnlich sind, aber ich bin mir nicht sicher, warum ich bei einer VM keine SSH-Verbindung von SecureCRT herstellen kann.
Das Host-Betriebssystem ist Windows 10. Alle vier VMs sind CentOS (zwei Centos 6.8 und zwei Centos 7).
Alle vier können per SSH miteinander kommunizieren.
Ich weiß nicht, was ich tun muss, um das Problem zu beheben. Port 22 ist auf allen vier VMs geöffnet.
Ich habe versucht, für jede IP-Adresse des Rechners über cmd (Windows) eine Telnet-Verbindung herzustellen, und bei dem Rechner mit dem Problem heißt es: C:\WINDOWS\system32>telnet 192.168.1.4 22 Verbindung zu 192.168.1.4 wird hergestellt...Verbindung zum Host konnte nicht hergestellt werden, auf Port 22: Verbindung fehlgeschlagen C:\WINDOWS\system32> ssh ist auf dem Host mit Sicherheit geöffnet, warum erhalte ich dann diese Meldung? –
Ich bin verwirrt und nicht sicher, was ich tun muss, um das Problem zu beheben.
[root@agent2 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
23 1575 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
3 252 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
70 11531 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 27 packets, 3669 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
55 8531 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- * enp0s3 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
66 10104 IN_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
9 1799 IN_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public (2 references)
pkts bytes target prot opt in out source destination
75 11903 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 IN_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW
Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@agent2 ~]#
[root@puppet ~]# ss -lntp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 :::5666 :::* users:(("nrpe",3398,5))
LISTEN 0 5 *:5666 *:* users:(("nrpe",3398,4))
LISTEN 0 128 :::111 :::* users:(("rpcbind",1454,11))
LISTEN 0 128 *:111 *:* users:(("rpcbind",1454,8))
LISTEN 0 128 :::80 :::* users:(("httpd",2095,4),("httpd",2122,4),("httpd",2123,4),("httpd",2124,4),("httpd",2125,4),("httpd",2126,4),("httpd",2127,4),("httpd",2128,4),("httpd",2129,4),("httpd",2130,4),("httpd",3148,4),("httpd",4383,4),("httpd",4716,4))
LISTEN 0 128 :::47316 :::* users:(("rpc.statd",1525,11))
LISTEN 0 128 *:51796 *:* users:(("rpc.statd",1525,9))
LISTEN 0 128 :::22 :::* users:(("sshd",1957,4))
LISTEN 0 128 *:22 *:* users:(("sshd",1957,3))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",1580,7))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",1580,6))
LISTEN 0 100 ::1:25 :::* users:(("master",2054,13))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",2054,12))
LISTEN 0 128 :::443 :::* users:(("httpd",2095,6),("httpd",2122,6),("httpd",2123,6),("httpd",2124,6),("httpd",2125,6),("httpd",2126,6),("httpd",2127,6),("httpd",2128,6),("httpd",2129,6),("httpd",2130,6),("httpd",3148,6),("httpd",4383,6),("httpd",4716,6))
[root@puppet ~]#