Windows SSH无法连接之“connection reset by ip_address port 22“问题解决

现象：ssh 链接服务器，报如下错误，链接不上

Connection reset by 10.251.130.26 port 22

 

查看Client的日志信息如下，没有明显的错误

 

C:\Users\lenovo>ssh -v [email protected]

OpenSSH_for_Windows_7.7p1, LibreSSL 2.6.5

debug1: Connecting to 10.251.130.26 [10.251.130.26] port 22.

debug1: Connection established.

debug1: identity file C:\\Users\\lenovo/.ssh/id_rsa type 0

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_rsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_dsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_dsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_ecdsa type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_ecdsa-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_ed25519 type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_ed25519-cert type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_xmss type -1

debug1: key_load_public: No such file or directory

debug1: identity file C:\\Users\\lenovo/.ssh/id_xmss-cert type -1

debug1: Local version string SSH-2.0-OpenSSH_for_Windows_7.7

debug1: Remote protocol version 2.0, remote software version OpenSSH_for_Windows_7.7

debug1: match: OpenSSH_for_Windows_7.7 pat OpenSSH* compat 0x04000000

debug1: Authenticating to 10.251.130.26:22 as 'sshd'

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug1: kex: algorithm: curve25519-sha256

debug1: kex: host key algorithm: ecdsa-sha2-nistp256

debug1: kex: server->client cipher: [email protected] MAC: compression: none

debug1: kex: client->server cipher: [email protected] MAC: compression: none

debug1: expecting SSH2_MSG_KEX_ECDH_REPLY

debug1: Server host key: ecdsa-sha2-nistp256 SHA256:kjPpzO1sjwdv811Dyw33WJKrpolg1B61HVz0t+hGfH4

debug1: Host '10.251.130.26' is known and matches the ECDSA host key.

debug1: Found key in C:\\Users\\lenovo/.ssh/known_hosts:1

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug1: SSH2_MSG_NEWKEYS received

debug1: rekey after 134217728 blocks

debug1: SSH2_MSG_EXT_INFO received

debug1: kex_input_ext_info: server-sig-algs=

debug1: SSH2_MSG_SERVICE_ACCEPT received

Connection reset by 10.251.130.26 port 22

 

打开server的日志开关

打开文件C:\ProgramData\ssh\ sshd_config，修改SyslogFacility的配置如下

# Logging

SyslogFacility LOCAL0

#LogLevel INFO

 

重启SSH server的服务

 

客户端再进行访问，在路径下发现有日志文件sshd

C:\ProgramData\ssh\logs

 

打开文件发现报如下错误：

8696 2021-04-21 12:03:03.033 fatal: check_group_membership CheckTokenMembership for user sshd failed with 1309 for group administrators

 

找了网上找不到可能的原因，打开sshd用户的信息，发现其是管理员，但是不属于Administrators组。

所以想到的解决方案是换个用户试试，lenovo修改下密码，密码不能为空，再尝试连接，发现没有问题了。

其实是没有彻底解决问题，就是变通了一下，具体解决可能要看看怎么设置sshd的用户信息。

C:\Users\lenovo>ssh -v lenovo @10.251.130.26

………

………

[email protected]'s password: