作为一个运维 不是你懂多少知识才是你的价值 你有幸能遇到多少错误才是你的最大的价值
知识 你有我有大家有 错误我有你没有 这便是我的价值
我遇到一个错误 蛮难遇到的一个错误 所以想分享给大家
下面我在模拟机演示给大家 用 root权限 避免你们说是因为权限的错误
2017年9月5日 我在切换sftp时候遇到一个错误(端口号是22 说写端口号的闭嘴)
[root@backup ssh]# sftp -oPort=22 [email protected]
Connecting to 10.0.0.31...
The authenticity of host '10.0.0.31 (10.0.0.31)' can't be established.
RSA key fingerprint is 25:4d:a6:65:1b:77:85:41:f0:18:07:c8:e0:12:c9:9b.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.31' (RSA) to the list of known hosts.
[email protected]'s password:
subsystem request failed on channel 0
Couldn't read packet: Connection reset by peer
我们来看看这个错误
Couldn't read packet: Connection reset by peer
无法读取数据包:通过对等项重置连接
这是一个很难遇到的错误
排查之路:
tail -f /var/log/messages
Sep 5 12:31:53 backup sshd[3131]: subsystem request for sftp failed, subsyst found
Sep 5 12:37:15 backup sshd[3136]: Accepted password for root from 10.0.0.31 9088 ssh2
Sep 5 12:37:15 backup sshd[3136]: subsystem request for sftp
Sep 5 12:37:15 backup sshd[3136]: subsystem request for sftp failed, subsyst found
[root@backup ssh]# rpm -ql openssh-clients
/etc/ssh/ssh_config
/usr/bin/.ssh.hmac
/usr/bin/scp
/usr/bin/sftp
/usr/bin/slogin
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-copy-id
[root@backup ssh]# grep sftp /etc/ssh/sshd_config
Subsystem sftp /usr/libexec/openssh/sftp-server
[root@backup ssh]# ll /usr/libexec/openssh/sftp-server
-rwxr-xr-x. 1 root root 67640 Mar 22 16:33 /usr/libexec/openssh/sftp-server
查看文档
If so, it's the cause of this error message. That's especially true if your sftp user is logging into a chrooted environment, where "/usr/lib" probably does not exist. My own sftp server is configured this way.
However, SSHD has the sftp functionality built-in and does not need to execute an external "helper" program like that. So, if you have a line like the above, it can be fixed by changing it to:
如果是,这是错误消息的原因。尤其是,如果您的sftp用户登录到一个chrooted环境,其中“/ usr /lib”可能不存在。我自己的sftp服务器是这样配置的。
但是,sshd具有内置的sftp功能,不需要执行像这样的外部“助手”程序。因此,如果您有类似上述的行,可以通过将其更改为:
错误解决逻辑图