远程转发:
建立SSH隧道
然后看我这台阿里云能不能ssh到虚拟机服务器
[root@iZbp145axkc98giot5b448Z ~]# ssh root@127.0.0.1 -p 8888 The authenticity of host '[127.0.0.1]:8888 ([127.0.0.1]:8888)' can't be establis hed. ECDSA key fingerprint is SHA256:0Spmsmh65ihKQh+mZTgqHwMBFt6DC9e0scSFJij0SFM. ECDSA key fingerprint is MD5:d7:f8:39:6e:84:a0:d4:9b:9a:03:f9:fa:b9:66:e2:23. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[127.0.0.1]:8888' (ECDSA) to the list of known hosts . root@127.0.0.1's password: Last login: Mon Mar 30 22:16:36 2020 [root@topcheer ~]# ifconfig docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.17.0.1 netmask 255.255.0.0 broadcast 0.0.0.0 ether 02:42:63:95:56:b5 txqueuelen 0 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.180.113 netmask 255.255.255.0 broadcast 192.168.180.255 inet6 fe80::5525:8ab1:3e17:705 prefixlen 64 scopeid 0x20<link> ether 00:0c:29:4d:67:37 txqueuelen 1000 (Ethernet) RX packets 113416 bytes 163356890 (155.7 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 7431 bytes 709934 (693.2 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 212 bytes 23052 (22.5 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 212 bytes 23052 (22.5 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255 ether 52:54:00:27:04:0d txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@topcheer ~]#
发现可以成功,然后我再这台阿里云SSH到别的一台阿里云,在SSH到虚拟机发现,不行,原因如下:
[root@iZbp145axkc98giot5b448Z ~]# netstat -nltp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25181/httpd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 27289/sshd tcp 0 0 127.0.0.1:8888 0.0.0.0:* LISTEN 26951/sshd: root tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 9297/master tcp6 0 0 :::7946 :::* LISTEN 9848/dockerd tcp6 0 0 :::3306 :::* LISTEN 7507/mysqld tcp6 0 0 :::25 :::* LISTEN 9297/master
8888端口是本地的,需要修改配置文件
[root@iZbp145axkc98giot5b448Z ~]# vim /etc/ssh/sshd_config [root@iZbp145axkc98giot5b448Z ~]# service sshd restart Redirecting to /bin/systemctl restart sshd.service
然后再重启隧道,就可以了
[root@iZbp145axkc98giot5b448Z ~]# netstat -nltp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 25181/httpd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 27289/sshd tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 27302/sshd: root tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 9297/master tcp6 0 0 :::7946 :::* LISTEN 9848/dockerd tcp6 0 0 :::3306 :::* LISTEN 7507/mysqld tcp6 0 0 :::25 :::* LISTEN 9297/master [root@iZbp145axkc98giot5b448Z ~]#
再开始测试
[root@iZbp143t3oxhfc3ar7jey0Z ~]# ssh root@172.16.25.74 The authenticity of host '172.16.25.74 (172.16.25.74)' can't be established. ECDSA key fingerprint is SHA256:dAjU+6+NkBMm2b6/PJiCV8sXtGnRIASG4WfNsSzpiPM. ECDSA key fingerprint is MD5:68:db:06:e4:0e:5a:38:15:3e:52:22:1e:1c:55:71:d9. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '172.16.25.74' (ECDSA) to the list of known hosts. root@172.16.25.74's password: Last login: Mon Mar 30 20:46:17 2020 from 183.160.51.73 Welcome to Alibaba Cloud Elastic Compute Service ! [root@iZ1la3d1xbmukrZ ~]# ssh root@172.16.123.216 -p 8888 The authenticity of host '[172.16.123.216]:8888 ([172.16.123.216]:8888)' can't be established. ECDSA key fingerprint is SHA256:0Spmsmh65ihKQh+mZTgqHwMBFt6DC9e0scSFJij0SFM. ECDSA key fingerprint is MD5:d7:f8:39:6e:84:a0:d4:9b:9a:03:f9:fa:b9:66:e2:23. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[172.16.123.216]:8888' (ECDSA) to the list of known hosts. root@172.16.123.216's password: Permission denied, please try again. root@172.16.123.216's password: Permission denied, please try again. root@172.16.123.216's password: Last failed login: Mon Mar 30 23:06:29 CST 2020 from 192.168.180.1 on ssh:notty There were 2 failed login attempts since the last successful login. Last login: Mon Mar 30 23:03:22 2020 from 192.168.180.1 [root@topcheer ~]#
注意ssh -p 8888的时候,输入的是虚拟机的密码