здравствуйте!
- проблемма: 1.не могу поменять порт. 2. не могу соедениться, и непойму в чём проблемма.
- в крации....
решил я сделать следующее: на одном модеме (потом будет на двух разных) сидят 2 компа. один виндоус (использую putty) один линус. хочу упровлять тем компом где линукс.
что я сделал: 1. установил я no-ip, поскольку у меня динамичный ip. команда «host XXXX.hopto.org» выдаёт мне что мой настоящий ip присвоен (для примера, он будет 1.2.3.4)
2. установил SHH по всем инструкциям (облазил весь и-нет).
--------------------------------------------
показываю данные: service ssh status
● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; disabled; vendor preset: dis Active: active (running) since Sat 2017-11-18 23:23:03 IST; 35min ago Process: 2011 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS) Main PID: 2012 (sshd) Tasks: 1 (limit: 4915) CGroup: /system.slice/ssh.service └─2012 /usr/sbin/sshd -D
ноя 18 23:23:03 1111 systemd[1]: Starting OpenBSD Secure Shell server... ноя 18 23:23:03 1111 sshd[2012]: Server listening on 0.0.0.0 port 22. ноя 18 23:23:03 1111 sshd[2012]: Server listening on :: port 22. ноя 18 23:23:03 1111 systemd[1]: Started OpenBSD Secure Shell server.
------------------------------------
данные: service noip2 status
● noip2.service - LSB: Start noip2 at boot time Loaded: loaded (/etc/init.d/noip2; generated; vendor preset: disabled) Active: active (running) since Sat 2017-11-18 23:20:50 IST; 42min ago Docs: man:systemd-sysv-generator(8) Process: 1988 ExecStop=/etc/init.d/noip2 stop (code=exited, status=0/SUCCESS) Process: 1990 ExecStart=/etc/init.d/noip2 start (code=exited, status=0/SUCCESS) Tasks: 1 (limit: 4915) CGroup: /system.slice/noip2.service └─1992 /usr/local/bin/noip2
ноя 18 23:20:50 1111 systemd[1]: Starting LSB: Start noip2 at boot time... ноя 18 23:20:50 1111 noip2[1990]: Starting dynamic address update: noip2. ноя 18 23:20:50 1111 noip2[1992]: v2.1.9 daemon started with NAT enabled ноя 18 23:20:50 1111 systemd[1]: Started LSB: Start noip2 at boot time. ноя 18 23:20:51 1111 noip2[1992]: хххх.hopto.org was already set to 1.2.3.4
--------------------------------- данные: /etc/ssh/sshd_config
$OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
# This is the sshd server system-wide configuration file. See # sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value.
#Port 5678 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying #RekeyLimit default none
# Logging #SyslogFacility AUTH #LogLevel INFO
# Authentication:
#LoginGraceTime 2m #PermitRootLogin yes #MaxAuthTries 6 #MaxSessions 10
#PubkeyAuthentication yes
# Expect .ssh/authorized_keys2 to be disregarded by default in future. #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no
# Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no
# GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no
# Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of «PermitRootLogin without-password». # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes
#AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none
# no default banner path #Banner none
# Allow client to pass locale environment variables AcceptEnv LANG LC_*
# override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server
# Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server
------------------------------------
данные /var/lib/dpkg/inf/openssh-server.postinst
#!/bin/sh set -e
. /usr/share/debconf/confmodule db_version 2.0
action=«$1» oldversion=«$2»
umask 022
get_config_option() { option=«$1»
[ -f /etc/ssh/sshd_config ] || return
# TODO: actually only one '=' allowed after option perl -lne ' s/[[:space:]]+/ /g; s/[[:space:]]+$//; print if s/^[[:space:]]*'«$option»'[[:space:]=]+//i' \ /etc/ssh/sshd_config }
host_keys_required() { hostkeys=«$(get_config_option HostKey)» if [ «$hostkeys» ]; then echo «$hostkeys» else # No HostKey directives at all, so the server picks some # defaults. echo /etc/ssh/ssh_host_rsa_key echo /etc/ssh/ssh_host_ecdsa_key echo /etc/ssh/ssh_host_ed25519_key fi }
create_key() { msg=«$1» shift hostkeys=«$1» shift file=«$1» shift
if echo «$hostkeys» | grep -x «$file» >/dev/null && \ [ ! -f «$file» ] ; then echo -n $msg ssh-keygen -q -f «$file» -N " «$@» echo if which restorecon >/dev/null 2>&1; then restorecon «$file» «$file.pub» fi ssh-keygen -l -f «$file.pub» fi }
create_keys() { hostkeys=«$(host_keys_required)» create_key «Creating SSH2 RSA key; this may take some time ...» \ «$hostkeys» /etc/ssh/ssh_host_rsa_key -t rsa create_key «Creating SSH2 DSA key; this may take some time ...» \ «$hostkeys» /etc/ssh/ssh_host_dsa_key -t dsa create_key «Creating SSH2 ECDSA key; this may take some time ...» \ «$hostkeys» /etc/ssh/ssh_host_ecdsa_key -t ecdsa create_key «Creating SSH2 ED25519 key; this may take some time ...» \ «$hostkeys» /etc/ssh/ssh_host_ed25519_key -t ed25519 }
new_config=
cleanup() { if [ «$new_config» ]; then rm -f «$new_config» fi }
create_sshdconfig() { # XXX cjwatson 2016-12-24: This debconf template is very confusingly # named; its description is «Disable SSH password authentication for # root?», so true -> prohibit-password (the upstream default), # false -> yes. db_get openssh-server/permit-root-login permit_root_login=«$RET»
trap cleanup EXIT new_config=«$(tempfile)» cp -a /usr/share/openssh/sshd_config «$new_config»
if [ «$permit_root_login» != true ]; then sed -i 's/^#*PermitRootLogin .*/PermitRootLogin yes/' \ «$new_config» fi mkdir -p /etc/ssh ucf --three-way --debconf-ok \ --sum-file /usr/share/openssh/sshd_config.md5sum \ «$new_config» /etc/ssh/sshd_config ucfr openssh-server /etc/ssh/sshd_config }
fix_statoverride() { # Remove an erronous override for sshd (we should have overridden ssh) if dpkg-statoverride --list /usr/sbin/sshd >/dev/null; then dpkg-statoverride --remove /usr/sbin/sshd fi }
setup_sshd_user() { if ! getent passwd sshd >/dev/null; then adduser --quiet --system --no-create-home --home /run/sshd --shell /usr/sbin/nologi$ fi }
if [ «$action» = configure ]; then create_sshdconfig create_keys fix_statoverride setup_sshd_user # Renamed to /etc/ssh/moduli in 2.9.9 (!) if dpkg --compare-versions «$2» lt-nl 1:4.7p1-1; then rm -f /etc/ssh/primes fi if dpkg --compare-versions «$2» lt-nl 1:5.5p1-6; then rm -f /run/sshd/.placeholder fi if dpkg --compare-versions «$2» lt-nl 1:6.5p1-2 && \ deb-systemd-helper debian-installed ssh.socket && \ deb-systemd-helper --quiet was-enabled ssh.service && \ deb-systemd-helper --quiet was-enabled ssh.socket; then # 1:6.5p1-1 mistakenly left both ssh.service and ssh.socket # enabled. deb-systemd-helper disable ssh.socket >/dev/null || true fi if dpkg --compare-versions «$2» lt-nl 1:6.5p1-3 && \ [ -d /run/systemd/system ]; then # We must stop the sysvinit-controlled sshd before we can # restart it under systemd. start-stop-daemon --stop --quiet --oknodo --pidfile /run/sshd.pid --exec /usr/sbin/sshd$ fi fi
# Automatically added by dh_systemd_enable/10.9 # This will only remove masks created by d-s-h on package removal. deb-systemd-helper unmask ssh.service >/dev/null || true
# was-enabled defaults to true, so new installations run enable. if deb-systemd-helper --quiet was-enabled ssh.service; then # Enables the unit on first installation, creates new # symlinks on upgrades if the unit file has changed. deb-systemd-helper enable ssh.service >/dev/null || true else # Update the statefile to add new symlinks (if any), which need to be # cleaned up on purge. Also remove old symlinks. deb-systemd-helper update-state ssh.service >/dev/null || true fi # End automatically added section # Automatically added by dh_systemd_enable/10.9 if deb-systemd-helper debian-installed ssh.socket; then # This will only remove masks created by d-s-h on package removal. deb-systemd-helper unmask ssh.socket >/dev/null || true
if deb-systemd-helper --quiet was-enabled ssh.socket; then # Create new symlinks, if any. deb-systemd-helper enable ssh.socket >/dev/null || true fi fi
# Update the statefile to add new symlinks (if any), which need to be cleaned # up on purge. Also remove old symlinks. deb-systemd-helper update-state ssh.socket >/dev/null || true # End automatically added section # Automatically added by dh_installinit/10.9 if [ «$1» = «configure» ] || [ «$1» = «abort-upgrade» ]; then if [ -x «/etc/init.d/ssh» ]; then update-rc.d ssh defaults >/dev/null if [ -n «$2» ]; then _dh_action=restart else _dh_action=start fi invoke-rc.d ssh $_dh_action || exit $? fi fi # End automatically added section # Automatically added by dh_installdeb/10.9 dpkg-maintscript-helper mv_conffile /etc/pam.d/ssh /etc/pam.d/sshd 1:4.7p1-4~ — «$@» # End automatically added section # Automatically added by dh_installdeb/10.9 dpkg-maintscript-helper rm_conffile /etc/init/ssh.conf 1:7.5p1-6~ — «$@» # End automatically added section
db_stop
exit 0
----------------------------
данные netstat -ntpua |grep 5678 НЕ ВЫДАЁТ НЕЧЕГО
------------
данные netstat -ntpua |grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2012/sshd tcp6 0 0 :::22 :::* LISTEN 2012/sshd -------------------------------------------------- данные netstat -tupln | grep ssh
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2012/sshd tcp6 0 0 :::22 :::* LISTEN 2012/sshd
----------
данные ssh хххх.hopto.org
ssh: connect to host хххх.hopto.org port 22: Connection refused
---------- данные iptables -L -n~
Chain INPUT (policy ACCEPT) target prot opt source destination
Chain FORWARD (policy ACCEPT) target prot opt source destination
Chain OUTPUT (policy ACCEPT) target prot opt source destination
--------
данные /etc/ssh/ssh_config
ПУСТО
-----------------------
настройки модема:
открыл порты TCP & UDP
на порты: 22, 5678
ip источника 0,0,0,0
ip получателя 10.0.0.138 ------------------------------------
putty - в отделе IP пишу xxxx.hopto.org в порту пробывал и 22, и 5678
------------------------------
что мне нужно исправить чтоб зароботало?
