ssh-wsl

can’t open /dev/tty

连接ssh-wsl时,使用正确的ip,端口,password出现permission denied

而在/etc/ssh/sshd_config中已经设置好了:

# UsePAM yes
PasswordAuthentication yes
PermitRootLogin yes
ListenAddress 0.0.0.0
Port 2222

并且打开了windows防火墙2222

根据-v错误的提示:

(base) root@DESKTOP-A8MI18O:/etc/ssh/sshd_config.d# ls -l /dev/tty
crw-rw-rw- 1 root root 5, 0 Sep 24 10:29 /dev/tty

使用mknod /dev/tty c 5 0来创建一个新的设备文件,然而显示设备已存在

CDSA host key “ip地址” for has changed and you have requested strict checking

进而尝试重装wsl系统,再次设置好以上参数

(base) PS C:\Users\Sunie> ssh -v root@172.19.177.182 -p 2222
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Reading configuration data C:\\Users\\Sunie/.ssh/config
debug1: Connecting to 172.19.177.182 [172.19.177.182] port 2222.
debug1: Connection established.
debug1: identity file C:\\Users\\Sunie/.ssh/id_rsa type 0
debug1: identity file C:\\Users\\Sunie/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\Sunie/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.3
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 172.19.177.182:2222 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:JObrCPbn3B+wA51MFMH4TSNL21FSaDmrzLi38Ett+ZM
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the ECDSA key sent by the remote host is
SHA256:JObrCPbn3B+wA51MFMH4TSNL21FSaDmrzLi38Ett+ZM.
Please contact your system administrator.
Add correct host key in C:\\Users\\Sunie/.ssh/known_hosts to get rid of this message.
Offending ECDSA key in C:\\Users\\Sunie/.ssh/known_hosts:11
ECDSA host key for [172.19.177.182]:2222 has changed and you have requested strict checking.
Host key verification failed.

解决方案:

(base) PS C:\Users\Sunie> ssh-keygen -R 172.19.177.182
Host 172.19.177.182 not found in C:\\Users\\Sunie/.ssh/known_hosts

目的是清除你当前机器里关于你的远程服务器的缓存和公钥信息,注意是大写的字母“R”。

不成功,手动删除C:\\Users\\Sunie/.ssh/known_hosts:11

Permission denied (publickey).

debug1: No more authentication methods to try.
root@172.19.177.182: Permission denied (publickey).

因为忘记加上PasswordAuthentication yes

在以上问题解决之后,可以通过内网ip及127.0.0.1登录wsl

windows ssh linux:试图写入的管道不存在

问题:使用Vscode: ssh-remote连接到远程linux系统时:

[15:25:24.868] > kex_exchange_identification: Connection closed by remote host
[15:25:24.876] > 过程试图写入的管道不存在。

其中,配置文件:

Host JumpMachine
    HostName jump-vscode.sensetime.com
    # 你跳板机的用户名
    User sunye

Host d5
    HostName 10.198.20.231
    User sunye
    Port 22
    ProxyCommand ssh -q -W %h:%p JumpMachine

Windows Powershell使用ssh直接连接也有概率报错

image-20210821153833359

查询ssh路径失败

(base) PS C:\Users\Sunie> where ssh
(base) PS C:\Users\Sunie>

然而使用git bash进行ssh连接却能成功

image-20210821153939434

Windows Powershell使用的是环境变量为C:\Windows\System32\OpenSSH,而git bash使用的ssh路径在D:\Git\usr\bin

两者使用的不是一个ssh,猜想前者在与linux系统通信的过程中,有概率出现协议不兼容(这种猜想是错的)

如果将环境变量中前者换成后者,照样会报错,因为git ssh对命令解析的方式与windows不同:

(base) PS C:\Users\Sunie> ssh sunye@d5
/bin/sh: line 0: exec: D:Gitusrbinssh: not found
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

因为本地的known_hosts文件记录服务器信息与现服务器的信息冲突了,导致连接失败

在known_hosts中删除服务器IP即可

C:\Windows\System32\OpenSSH>ssh.exe sunye@d5
The authenticity of host 'jump-vscode.sensetime.com (10.10.40.126)' can't be established.
ECDSA key fingerprint is SHA256:+YXPMHZcbZSOf/IyeEPv2fOTVny0K5fpWKu0+fkSA14.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Verification code:
Password:
The authenticity of host '10.198.20.231 (<no hostip for proxy command>)' can't be established.
ECDSA key fingerprint is SHA256:5Znz+0QJmwTR/cb70bmvHp6plbMDAKn+UUF2aSUHZEI.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.198.20.231' (ECDSA) to the list of known hosts.
Last login: Sat Aug 21 15:23:21 2021 from 10.10.40.126
[sunye@HOST-10-198-20-231 ~]$

事实证明这是有效的,跟使用那个ssh无关,而是known_host

之后又遇到问题,以上两种情况报出不同的错误:

(base) PS C:\Users\Sunie> C:\Windows\System32\OpenSSH\ssh sunye@d5
getsockname failed: Bad file descriptor
channel_send_open: channel 0: unexpected internal error
(base) PS C:\Users\Sunie> D:\Git\usr\bin\ssh sunye@d5
/bin/sh: line 0: exec: D:Gitusrbinssh: not found
kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

第二个很显然是git ssh不支持在Windows PowerShell中使用,在git bash中使用也不正常。直接cd到该目录下呢?

(base) PS C:\Users\Sunie> cd C:\Windows\System32\OpenSSH\
(base) PS C:\Windows\System32\OpenSSH> ssh sunye@d5
kex_exchange_identification: Connection closed by remote host
(base) PS C:\Windows\System32\OpenSSH> cd D:\Git\usr\bin\
(base) PS D:\Git\usr\bin> ssh sunye@d5
kex_exchange_identification: Connection closed by remote host

开始迷惑
img

而如果ssh外网主机sunie.top,则能够正常登陆。以下两种情况交替发生:

img

注意这里的使用的代理ssh是D:\Git\usr\bin\ssh,如果修改成C盘的,诶,正常了
img

事已至此,却仍然是概率性成功:
img

反复的retry才能一次成功,WHY?