SSH的安装及登录提示:connection refused的解决办法
2011-08-03 23:41:05 by 【6yang】, 90 visits, 收藏 | 返回
转载请注明出处:http://hi.baidu.com/leejun_2005/blog/item/fbc27c4b20e83d3a08f7ef23.html?timeStamp=1309179713928
from:http://hi.baidu.com/tunaisen/blog/item/85e0a41805ed9fb24bedbcf3.html
如果出现ssh: connect to host XX.XX.XX.XX port 22: Connection refused
请按如下步骤检查:
1、目标主机的ssh server端程序是否安装、服务是否启动,是否在侦听22端口;
检查方法:
june@ubuntu:~$ ps -ef|grep sshd
root 2859 1 020:29 ? 00:00:00 /usr/sbin/sshd -D
root 2901 2859 020:31 ? 00:00:00 sshd: june[priv]
june 2971 2901 020:31 ? 00:00:00 sshd:june@pts/1
june@ubuntu:~$
其中/usr/sbin/sshd为ssh clinet/server中server端的守护进程,如果上述结果中没有sshd出现,那么可能就是你的server端程序没有安装(Ubuntu 11.04 默认没有安装ssh server,只安装了ssh client),或者sshd服务没有启动,这两者的解决办法请见下文详述。
2、是否允许该用户登录;
3、本机是否设置了iptables规则,禁止了ssh的连入/连出;
检查方法:
june@ubuntu:~$sudo iptables -L
[sudo] password for june:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
june@ubuntu:~$
4、查查ssh的配置文件
ls -lrt /etc/ssh
针对第一点没有安装ssh server或者没开启sshd的用户,可以参考这篇:
Ubuntu如何开启SSH服务
SSH分客户端openssh-client和openssh-server
如果你只是想登陆别的机器的SSH只需要安装openssh-client(ubuntu有默认安装,如果没有则sudo apt-get install openssh-client),如果要使本机开放SSH服务就需要安装openssh-server:sudo apt-get install openssh-server然后确认sshserver是否启动了:
ps -e |grep ssh
如果看到sshd那说明ssh-server已经启动了。
如果没有则可以这样启动:sudo /etc/init.d/ssh start
ssh-server配置文件位于/etc/ssh/sshd_config,在这里可以定义SSH的服务端口,默认端口是22,你可以自己定义成其他端口号,如222。
然后重启SSH服务:
sudo /etc/init.d/ssh stop
sudo /etc/init.d/ssh start
然后使用以下方式登陆SSH:
ssh
[email protected] tuns为192.168.0.100机器上的用户名,需要输入密码。
断开连接:exit
完整过程如下所示:
june@~ 19:57:22>
ssh
[email protected]
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOINGSOMETHING NASTY!
Someone could be eavesdropping on you rightnow (man-in-the-middle attack)!
It is also possible that a host key hasjust been changed.
The fingerprint for the RSA key sent by theremote host is
7f:57:35:cf:23:86:12:cb:e5:51:7a:a3:57:71:15:71.
Please contact your system administrator.
Add correct host key in/home/june/.ssh/known_hosts to get rid of this message.
Offending RSA key in/home/june/.ssh/known_hosts:8
RSA host key for 192.168.1.101 has changedand you have requested strict checking.
Host key verification failed.
june@~ 20:30:55>
june@~ 20:31:36>
rm /home/june/.ssh/known_hosts
june@~ 20:31:46>
ssh
[email protected]
The authenticity of host '192.168.1.101(192.168.1.101)' can't be established.
ECDSA key fingerprint is50:9b:b7:15:c0:57:aa:d6:22:7c:97:40:6e:49:6e:94.
Are you sure you want to continueconnecting (yes/no)? yes
Warning: Permanently added '192.168.1.101'(ECDSA) to the list of known hosts.
[email protected]'s password:
Welcome to Ubuntu 11.04 (GNU/Linux2.6.38-8-generic i686)
*Documentation: https://help.ubuntu.com/
Last login: Sat Jun 25 12:38:24 2011
june@ubuntu:~$
