我正在尝试在服务器和几个客户端盒之间建立可靠的反向隧道。我正在使用autossh来重新建立连接,如果它们掉线或过时但我遇到了一些问题。
服务器: 服务器具有链接到DDNS服务的动态IP。我希望SSH中的'-o“CheckHostIP = no”'参数可以防止服务器的IP发生变化时出现问题。 服务器通过端口转发从其网关路由器获取SSH。路由器端口3141上的传入连接转到服务器端口22。
客户: 每个客户端从配置文件获得不同的autossh监控端口和反向隧道端口。 python脚本读取cfg文件并构建一个使用“os.system(cmd)”运行的autossh cmd。它们各自具有用于进入服务器的密钥。目前,AutoSSH命令在重新启动时从cron运行,所有输出都记录在文本文件中。命令是:
autossh -v -M 23000 -N -o "CheckHostIP=no" -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=10" -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /home/client1/.ssh/id_ed25519 -R 22000:localhost:22 user@server.ddns.org -p 3141
该命令在终端中调用时工作正常但不能从cron工作。
来自CRON:
OpenSSH_6.7p1 Raspbian-5+deb8u1, OpenSSL 1.0.1k 8 Jan 2015
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to server.org [x.x.x.x] port 3141.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /home/user/.ssh/id_ed25519 type 4
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Raspbian-5+deb8u1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Raspbian-5
debug1: match: OpenSSH_6.7p1 Raspbian-5 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr umac-64-etm@openssh.com none
debug1: kex: client->server aes128-ctr umac-64-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 82:dd:b6:88:33:00:bb:aa:ee:08:7b:19:01:ae:da:34
debug1: Host '[server.org]:3141' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:2
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
SERVER: Server hello message
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering ED25519 public key: /home/user/.ssh/id_ed25519
debug1: Server accepts key: pkalg ssh-ed25519 blen 51
debug1: Authentication succeeded (publickey).
Authenticated to server.org ([x.x.x.x]:3141).
debug1: Local connections to LOCALHOST:23000 forwarded to remote address 127.0.0.1:23000
debug1: Local forwarding listening on 127.0.0.1 port 23000.
debug1: channel 0: new [port listener]
socket: Address family not supported by protocol
debug1: Remote connections from LOCALHOST:23000 forwarded to local address 127.0.0.1:23001
debug1: Remote connections from LOCALHOST:22000 forwarded to local address localhost:22
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: remote forward failure for: listen 23000, connect 127.0.0.1:23001
Error: remote port forwarding failed for listen port 23000
如果我从终端运行相同的命令,输出是相同的,除了最后几行:
socket: Address family not supported by protocol
debug1: Remote connections from LOCALHOST:23000 forwarded to local address 127.0.0.1:23001
debug1: Remote connections from LOCALHOST:22000 forwarded to local address localhost:22
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: remote forward success for: listen 23000, connect 127.0.0.1:23001
debug1: remote forward success for: listen 22000, connect localhost:22
debug1: All remote forwarding requests processed
关于为什么它不能从cron工作的任何想法?我怎样才能让它在启动时运行并密切关注它?
编辑: 重新启动客户端后调用“ps aux | grep autossh”表示python autossh命令未运行。日志文件以“错误:远程端口转发失败”消息结束,并且不继续尝试。这是一个python问题,autossh问题还是cron问题?