방금 4개의 VM을 서로 거의 동일하게 구축했지만 왜 한 VM에 대해 SecureCRT에서 SSH를 통해 연결할 수 없는지 잘 모르겠습니다.
호스트 OS는 CentOS(Centos 6.8 2개, Centos 7 2개)인 Windows 10 All Four VM입니다.
네 명 모두 서로 SSH를 수행할 수 있습니다.
문제를 해결하려면 어떻게 해야 할지 막막합니다. 포트 22는 4개의 VM 모두에서 열려 있습니다.
cmd(windows)에서 각 컴퓨터 IP에 대해 텔넷을 시도했는데 문제가 있는 컴퓨터에 대해 다음과 같이 표시됩니다. C:\WINDOWS\system32>telnet 192.168.1.4 22 192.168.1.4에 연결 중...연결을 열 수 없습니다. 호스트, 포트 22: 연결 실패 C:\WINDOWS\system32> SSH가 호스트에 확실히 열려 있는데 이 메시지가 나타나는 이유는 무엇입니까? –
혼란스럽고 문제를 해결하려면 어떻게 해야 할지 잘 모르겠습니다.
[root@agent2 ~]# iptables -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
23 1575 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
3 252 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
70 11531 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_direct all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_IN_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FORWARD_OUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT 27 packets, 3669 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
55 8531 OUTPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD_IN_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDI_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_IN_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_OUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public all -- * enp0s3 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 FWDO_public all -- * + 0.0.0.0/0 0.0.0.0/0 [goto]
Chain FORWARD_OUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_direct (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDI_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDI_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDI_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDI_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public (2 references)
pkts bytes target prot opt in out source destination
0 0 FWDO_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 FWDO_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FWDO_public_allow (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain FWDO_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_ZONES (1 references)
pkts bytes target prot opt in out source destination
66 10104 IN_public all -- enp0s3 * 0.0.0.0/0 0.0.0.0/0 [goto]
9 1799 IN_public all -- + * 0.0.0.0/0 0.0.0.0/0 [goto]
Chain INPUT_ZONES_SOURCE (1 references)
pkts bytes target prot opt in out source destination
Chain INPUT_direct (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public (2 references)
pkts bytes target prot opt in out source destination
75 11903 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0
75 11903 IN_public_allow all -- * * 0.0.0.0/0 0.0.0.0/0
Chain IN_public_allow (1 references)
pkts bytes target prot opt in out source destination
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ctstate NEW
1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ctstate NEW
Chain IN_public_deny (1 references)
pkts bytes target prot opt in out source destination
Chain IN_public_log (1 references)
pkts bytes target prot opt in out source destination
Chain OUTPUT_direct (1 references)
pkts bytes target prot opt in out source destination
[root@agent2 ~]#
[root@puppet ~]# ss -lntp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 5 :::5666 :::* users:(("nrpe",3398,5))
LISTEN 0 5 *:5666 *:* users:(("nrpe",3398,4))
LISTEN 0 128 :::111 :::* users:(("rpcbind",1454,11))
LISTEN 0 128 *:111 *:* users:(("rpcbind",1454,8))
LISTEN 0 128 :::80 :::* users:(("httpd",2095,4),("httpd",2122,4),("httpd",2123,4),("httpd",2124,4),("httpd",2125,4),("httpd",2126,4),("httpd",2127,4),("httpd",2128,4),("httpd",2129,4),("httpd",2130,4),("httpd",3148,4),("httpd",4383,4),("httpd",4716,4))
LISTEN 0 128 :::47316 :::* users:(("rpc.statd",1525,11))
LISTEN 0 128 *:51796 *:* users:(("rpc.statd",1525,9))
LISTEN 0 128 :::22 :::* users:(("sshd",1957,4))
LISTEN 0 128 *:22 *:* users:(("sshd",1957,3))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",1580,7))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",1580,6))
LISTEN 0 100 ::1:25 :::* users:(("master",2054,13))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",2054,12))
LISTEN 0 128 :::443 :::* users:(("httpd",2095,6),("httpd",2122,6),("httpd",2123,6),("httpd",2124,6),("httpd",2125,6),("httpd",2126,6),("httpd",2127,6),("httpd",2128,6),("httpd",2129,6),("httpd",2130,6),("httpd",3148,6),("httpd",4383,6),("httpd",4716,6))
[root@puppet ~]#