SSH shows the wrong IP address when SSH with port forward

My use case is that I have to access an AWS EC2 instance through a jumpbox.

Here is my SSH config.

Host awsjumpbox
  User sshuser
  HostName jumpboxhostname
  IdentityFile /Users/myusername/.ssh/id_rsa
  LocalForward 8022 10.0.168.43:22

When I run the SCP command to copy files to the EC2 instance, it works.

myusername % scp -r -i ~/aws/aws-keypair.pem -P 8022 * ec2-user@localhost:testdir
The authenticity of host '[localhost]:8022 ([::1]:8022)' can't be established.
ECDSA key fingerprint is SHA256:rrwr62yjP2cgUTT9SowdlrIwGi4jMMwt5x4Aj6E4Y3Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '[localhost]:8022' (ECDSA) to the list of known hosts.
/etc/profile.d/lang.sh: line 19: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8): No such file or directory
README.md                                     100% 1064    24.3KB/s   00:00 

However, when I run the SSH command, it returns a strange IP address.

myusername % ssh -i ~/aws/aws-keypair.pem -P 8022 ec2-user@localhost      
ssh: connect to host 0.0.31.86 port 22: No route to host

What is the cause of this problem, and how can I fix it?

Thanks.

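Don't use LocalForward, and reverse the flow.

Use ProxyCommand or ProxyJump. This will allow SSH to transparently open a session to your bastion server.

For example, your config should look like: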

Host 10.0.168.43
  User root
  ProxyCommand ssh -W %h:%p sshuser@awsjumpbox
  ...

Host 10.0.168.43
  User root
  ProxyJump sshuser@awsjumpbox
  ...
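
As an added example (not part of the original answer), this sketch parses a numeric host string the way the classic `inet_aton()` routine does and shows that the bare number `8022` becomes `0.0.31.86`, the address in the error above; that suggests `ssh` took `8022` as the host name, since `ssh` selects the port with lowercase `-p` while `scp` uses `-P`. The function name `inet_aton_legacy` is hypothetical, and the sample inputs are taken from the question or constructed.

```python
import re

# One numeric part: hex (0x..), octal (leading 0) or decimal, as inet_aton() accepts.
_PART = re.compile(r"0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*")


def _parse_part(part: str) -> int:
    if not _PART.fullmatch(part):
        raise ValueError(f"not a numeric address part: {part!r}")
    if part[:2].lower() == "0x":
        return int(part, 16)
    if len(part) > 1 and part[0] == "0":
        return int(part, 8)
    return int(part)


def inet_aton_legacy(text: str) -> str:
    """Return the dotted-quad form of an address written in 1 to 4 numeric parts.

    Every part except the last is one byte; the last part fills all
    remaining bytes, so a single number is a whole 32-bit address.
    """
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        raise ValueError("expected 1 to 4 parts")
    *head, last = [_parse_part(p) for p in parts]
    if any(v > 0xFF for v in head):
        raise ValueError("leading parts must fit in one byte")
    remaining = 4 - len(head)
    if last >= 1 << (8 * remaining):
        raise ValueError("last part is too large")
    addr = 0
    for v in head:
        addr = (addr << 8) | v
    addr = (addr << (8 * remaining)) | last
    return ".".join(str((addr >> shift) & 0xFF) for shift in (24, 16, 8, 0))


if __name__ == "__main__":
    # "8022" and "10.0.168.43" come from the question; "127.1" is constructed.
    for sample in ("8022", "10.0.168.43", "127.1"):
        print(f"{sample!r:>15} -> {inet_aton_legacy(sample)}")
```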