ssh隧道输出奇怪:输出失败;连接失败:连接超时;


18

我使用ssh user@xx.yy.zz.41 -p 1234 -D 9898命令进行隧道传输,并将firefox socks5 ip设置为127.0.0.1,其端口设置为9898。它可以成功运行,但是在终端上我的输出错误:

channel 39: open failed: connect failed: Connection timed out
channel 41: open failed: connect failed: Connection timed out
channel 42: open failed: connect failed: Connection timed out
channel 43: open failed: connect failed: Connection timed out
channel 44: open failed: connect failed: Connection timed out

它定期发生。这是什么?这是个问题吗?我能做什么?

Answers:


21

我遇到过类似的问题。如果您通过ssh与Firefox进行隧道连接,由于服务器负载或配置不正确,某些http连接可能只是超时。当连接实际超时时,您会收到一条错误消息,如您所指示的那样。

您可以使用以下命令隐藏这些消息

ssh user@xx.yy.zz.41 -p 1234 -D 9898 -q

从手册页 ssh(1)

 -q      Quiet mode.  Causes most warning and diagnostic messages to be sup-
         pressed.

禁止显示该消息将使警告不会干扰您的ssh或屏幕会话。


谢谢,这个解决方案效果很好!一个问题:即使所有浏览器进程都关闭,此超时也会定期发生。我正在尝试确定是什么原因导致超时以及将请求发送到何处。关于如何显示ssh隧道的更多详细错误信息的任何建议?
gnarbarian 18/09 / 14,19

3

将设置为GatewayPortsyes然后重试。

ssh -o 'GatewayPorts yes' user@xx.yy.zz.41 -p 1234 -D 9898

man ssh_config

 DynamicForward
         Specifies that a TCP port on the local machine be forwarded over the secure channel, and the application protocol
         is then used to determine where to connect to from the remote machine.

         The argument must be [bind_address:]port.  IPv6 addresses can be specified by enclosing addresses in square
         brackets.  By default, the local port is bound in accordance with the GatewayPorts setting.  However, an explicit
         bind_address may be used to bind the connection to a specific address.  The bind_address of “localhost” indicates
         that the listening port be bound for local use only, while an empty address or ‘*’ indicates that the port should
         be available from all interfaces.

         Currently the SOCKS4 and SOCKS5 protocols are supported, and ssh(1) will act as a SOCKS server.  Multiple for‐
         wardings may be specified, and additional forwardings can be given on the command line.  Only the superuser can
         forward privileged ports.

 GatewayPorts
         Specifies whether remote hosts are allowed to connect to local forwarded ports.  By default, ssh(1) binds local
         port forwardings to the loopback address.  This prevents other remote hosts from connecting to forwarded ports.
         GatewayPorts can be used to specify that ssh should bind local port forwardings to the wildcard address, thus
         allowing remote hosts to connect to forwarded ports.  The argument must be “yes” or “no”.  The default is “no”.

1
我使用-o'GatewayPorts yes',但是再次发生此错误。
Arash Mousavi

GatewayPorts不是问题。网关端口使ssh服务器可以侦听非本地端口。进行反向隧道时,GatewayPorts变得非常有用-允许专用网络中的主机连接回ssh客户端主机。Gordolio恰好位于上面:由本地ssh启动的SOCKS服务器在无法访问SOCKS客户端用户请求的主机/端口时抱怨(如Gordolio的示例Firefox)。
马克
By using our site, you acknowledge that you have read and understand our Cookie Policy and Privacy Policy.
Licensed under cc by-sa 3.0 with attribution required.