здравствуйте!
-
проблемма:
1.не могу поменять порт.
2. не могу соедениться, и непойму в чём проблемма.
-
в крации....
решил я сделать следующее:
на одном модеме (потом будет на двух разных) сидят 2 компа. один виндоус (использую putty) один линус.
хочу упровлять тем компом где линукс.
что я сделал:
1. установил я no-ip, поскольку у меня динамичный ip.
команда «host XXXX.hopto.org» выдаёт мне что мой настоящий ip присвоен (для примера, он будет 1.2.3.4)
2. установил SHH по всем инструкциям (облазил весь и-нет).
--------------------------------------------
показываю данные: service ssh status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; disabled; vendor preset: dis
Active: active (running) since Sat 2017-11-18 23:23:03 IST; 35min ago
Process: 2011 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCESS)
Main PID: 2012 (sshd)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/ssh.service
└─2012 /usr/sbin/sshd -D
ноя 18 23:23:03 1111 systemd[1]: Starting OpenBSD Secure Shell server...
ноя 18 23:23:03 1111 sshd[2012]: Server listening on 0.0.0.0 port 22.
ноя 18 23:23:03 1111 sshd[2012]: Server listening on :: port 22.
ноя 18 23:23:03 1111 systemd[1]: Started OpenBSD Secure Shell server.
------------------------------------
данные: service noip2 status
● noip2.service - LSB: Start noip2 at boot time
Loaded: loaded (/etc/init.d/noip2; generated; vendor preset: disabled)
Active: active (running) since Sat 2017-11-18 23:20:50 IST; 42min ago
Docs: man:systemd-sysv-generator(8)
Process: 1988 ExecStop=/etc/init.d/noip2 stop (code=exited, status=0/SUCCESS)
Process: 1990 ExecStart=/etc/init.d/noip2 start (code=exited, status=0/SUCCESS)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/noip2.service
└─1992 /usr/local/bin/noip2
ноя 18 23:20:50 1111 systemd[1]: Starting LSB: Start noip2 at boot time...
ноя 18 23:20:50 1111 noip2[1990]: Starting dynamic address update: noip2.
ноя 18 23:20:50 1111 noip2[1992]: v2.1.9 daemon started with NAT enabled
ноя 18 23:20:50 1111 systemd[1]: Started LSB: Start noip2 at boot time.
ноя 18 23:20:51 1111 noip2[1992]: хххх.hopto.org was already set to 1.2.3.4
---------------------------------
данные: /etc/ssh/sshd_config
$OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options override the
# default value.
#Port 5678
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key
# Ciphers and keying
#RekeyLimit default none
# Logging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 2m
#PermitRootLogin yes
#MaxAuthTries 6
#MaxSessions 10
#PubkeyAuthentication yes
# Expect .ssh/authorized_keys2 to be disregarded by default in future.
#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
#AuthorizedPrincipalsFile none
#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
#GSSAPIStrictAcceptorCheck yes
#GSSAPIKeyExchange no
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of «PermitRootLogin without-password».
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
PrintMotd no
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none
# no default banner path
#Banner none
# Allow client to pass locale environment variables
AcceptEnv LANG LC_*
# override default of no subsystems
Subsystem sftp /usr/lib/openssh/sftp-server
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server
------------------------------------
данные /var/lib/dpkg/inf/openssh-server.postinst
#!/bin/sh
set -e
. /usr/share/debconf/confmodule
db_version 2.0
action=«$1»
oldversion=«$2»
umask 022
get_config_option() {
option=«$1»
[ -f /etc/ssh/sshd_config ] || return
# TODO: actually only one '=' allowed after option
perl -lne '
s/[[:space:]]+/ /g; s/[[:space:]]+$//;
print if s/^[[:space:]]*'«$option»'[[:space:]=]+//i' \
/etc/ssh/sshd_config
}
host_keys_required() {
hostkeys=«$(get_config_option HostKey)»
if [ «$hostkeys» ]; then
echo «$hostkeys»
else
# No HostKey directives at all, so the server picks some
# defaults.
echo /etc/ssh/ssh_host_rsa_key
echo /etc/ssh/ssh_host_ecdsa_key
echo /etc/ssh/ssh_host_ed25519_key
fi
}
create_key() {
msg=«$1»
shift
hostkeys=«$1»
shift
file=«$1»
shift
if echo «$hostkeys» | grep -x «$file» >/dev/null && \
[ ! -f «$file» ] ; then
echo -n $msg
ssh-keygen -q -f «$file» -N " «$@»
echo
if which restorecon >/dev/null 2>&1; then
restorecon «$file» «$file.pub»
fi
ssh-keygen -l -f «$file.pub»
fi
}
create_keys() {
hostkeys=«$(host_keys_required)»
create_key «Creating SSH2 RSA key; this may take some time ...» \
«$hostkeys» /etc/ssh/ssh_host_rsa_key -t rsa
create_key «Creating SSH2 DSA key; this may take some time ...» \
«$hostkeys» /etc/ssh/ssh_host_dsa_key -t dsa
create_key «Creating SSH2 ECDSA key; this may take some time ...» \
«$hostkeys» /etc/ssh/ssh_host_ecdsa_key -t ecdsa
create_key «Creating SSH2 ED25519 key; this may take some time ...» \
«$hostkeys» /etc/ssh/ssh_host_ed25519_key -t ed25519
}
new_config=
cleanup() {
if [ «$new_config» ]; then
rm -f «$new_config»
fi
}
create_sshdconfig() {
# XXX cjwatson 2016-12-24: This debconf template is very confusingly
# named; its description is «Disable SSH password authentication for
# root?», so true -> prohibit-password (the upstream default),
# false -> yes.
db_get openssh-server/permit-root-login
permit_root_login=«$RET»
trap cleanup EXIT
new_config=«$(tempfile)»
cp -a /usr/share/openssh/sshd_config «$new_config»
if [ «$permit_root_login» != true ]; then
sed -i 's/^#*PermitRootLogin .*/PermitRootLogin yes/' \
«$new_config»
fi
mkdir -p /etc/ssh
ucf --three-way --debconf-ok \
--sum-file /usr/share/openssh/sshd_config.md5sum \
«$new_config» /etc/ssh/sshd_config
ucfr openssh-server /etc/ssh/sshd_config
}
fix_statoverride() {
# Remove an erronous override for sshd (we should have overridden ssh)
if dpkg-statoverride --list /usr/sbin/sshd >/dev/null; then
dpkg-statoverride --remove /usr/sbin/sshd
fi
}
setup_sshd_user() {
if ! getent passwd sshd >/dev/null; then
adduser --quiet --system --no-create-home --home /run/sshd --shell /usr/sbin/nologi$
fi
}
if [ «$action» = configure ]; then
create_sshdconfig
create_keys
fix_statoverride
setup_sshd_user
# Renamed to /etc/ssh/moduli in 2.9.9 (!)
if dpkg --compare-versions «$2» lt-nl 1:4.7p1-1; then
rm -f /etc/ssh/primes
fi
if dpkg --compare-versions «$2» lt-nl 1:5.5p1-6; then
rm -f /run/sshd/.placeholder
fi
if dpkg --compare-versions «$2» lt-nl 1:6.5p1-2 && \
deb-systemd-helper debian-installed ssh.socket && \
deb-systemd-helper --quiet was-enabled ssh.service && \
deb-systemd-helper --quiet was-enabled ssh.socket; then
# 1:6.5p1-1 mistakenly left both ssh.service and ssh.socket
# enabled.
deb-systemd-helper disable ssh.socket >/dev/null || true
fi
if dpkg --compare-versions «$2» lt-nl 1:6.5p1-3 && \
[ -d /run/systemd/system ]; then
# We must stop the sysvinit-controlled sshd before we can
# restart it under systemd.
start-stop-daemon --stop --quiet --oknodo --pidfile /run/sshd.pid --exec /usr/sbin/sshd$
fi
fi
# Automatically added by dh_systemd_enable/10.9
# This will only remove masks created by d-s-h on package removal.
deb-systemd-helper unmask ssh.service >/dev/null || true
# was-enabled defaults to true, so new installations run enable.
if deb-systemd-helper --quiet was-enabled ssh.service; then
# Enables the unit on first installation, creates new
# symlinks on upgrades if the unit file has changed.
deb-systemd-helper enable ssh.service >/dev/null || true
else
# Update the statefile to add new symlinks (if any), which need to be
# cleaned up on purge. Also remove old symlinks.
deb-systemd-helper update-state ssh.service >/dev/null || true
fi
# End automatically added section
# Automatically added by dh_systemd_enable/10.9
if deb-systemd-helper debian-installed ssh.socket; then
# This will only remove masks created by d-s-h on package removal.
deb-systemd-helper unmask ssh.socket >/dev/null || true
if deb-systemd-helper --quiet was-enabled ssh.socket; then
# Create new symlinks, if any.
deb-systemd-helper enable ssh.socket >/dev/null || true
fi
fi
# Update the statefile to add new symlinks (if any), which need to be cleaned
# up on purge. Also remove old symlinks.
deb-systemd-helper update-state ssh.socket >/dev/null || true
# End automatically added section
# Automatically added by dh_installinit/10.9
if [ «$1» = «configure» ] || [ «$1» = «abort-upgrade» ]; then
if [ -x «/etc/init.d/ssh» ]; then
update-rc.d ssh defaults >/dev/null
if [ -n «$2» ]; then
_dh_action=restart
else
_dh_action=start
fi
invoke-rc.d ssh $_dh_action || exit $?
fi
fi
# End automatically added section
# Automatically added by dh_installdeb/10.9
dpkg-maintscript-helper mv_conffile /etc/pam.d/ssh /etc/pam.d/sshd 1:4.7p1-4~ — «$@»
# End automatically added section
# Automatically added by dh_installdeb/10.9
dpkg-maintscript-helper rm_conffile /etc/init/ssh.conf 1:7.5p1-6~ — «$@»
# End automatically added section
db_stop
exit 0
----------------------------
данные netstat -ntpua |grep 5678
НЕ ВЫДАЁТ НЕЧЕГО
------------
данные netstat -ntpua |grep 22
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2012/sshd
tcp6 0 0 :::22 :::* LISTEN 2012/sshd
--------------------------------------------------
данные netstat -tupln | grep ssh
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2012/sshd
tcp6 0 0 :::22 :::* LISTEN 2012/sshd
----------
данные ssh хххх.hopto.org
ssh: connect to host хххх.hopto.org port 22: Connection refused
----------
данные iptables -L -n~
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
--------
данные /etc/ssh/ssh_config
ПУСТО
-----------------------
настройки модема:
открыл порты TCP & UDP
на порты: 22, 5678
ip источника 0,0,0,0
ip получателя 10.0.0.138
------------------------------------
putty -
в отделе IP пишу xxxx.hopto.org
в порту пробывал и 22, и 5678
------------------------------
что мне нужно исправить чтоб зароботало?