1、注:技术交流 ymzhu2005163.一、AIX 安装并启用openssh1.1 ssh用途主要在ssh远程登录和安装Oracle数据库时使用。在对应的系统安装盘内,有响应的ssh安装包,尽量使用对应版本的ssh安装包,不然会有首先将系统光盘放进光驱内,使用命令#smitty easy_install重启机器,查看openssh有没有安装并启动。一般安装至此,就可以正常登录到ssh界面了安装过的文件集:lslpp -l | grep ssh查看ssh服务:lssrc -a | grep ssh启动ssh服务:startsrc -s sshd停止ssh服务:stopsrc -s sshd二、S
2、SH无法登录AIX的常见原因与解决方法2.1、sshd子系统没启动客户端登录时报错:The remote system refused the connection.如果是操作系统刚刚重启,那么稍等一下,等它启动完成。否如此,请检查它是否启动。如何检查是否启动?已启动:# lssrc -s sshdSubsystem Group PID Statussshd ssh 208930 active未启动:# lssrc -s sshd inoperative对于服务未启动这种问题,我们只要启动sshd子系统即可解决问题。如何启动sshd子系统?# startsrc -s sshd0513-059
3、The sshd Subsystem has been started. Subsystem PID is 553084.启动后检查,发现sshd已经启动,如下所示:553084active2.2、没有安装openssh怎么知道是否安装了openssh?方法一:lslpp# lslpp -l|grep ssh openssh.base.client 5.2.0.5300 MITTED Open Secure Shell mands openssh.base.server Open Secure Shell Server openssh.man.en_US Open Secure Shell o
4、penssh.msg.en_US Open Secure Shell Messages -如果没有看到类似如上的结果,说明没有安装。方法二: lssrc如果没有任何结果,一般也说明没安装。方法三:smitty listsmitty list List Installed Software and Related Information List Installed Software * SOFTWARE name all 使用 /ssh在结果中找!安装方法请参考:c:iknowdocsharedatacur_work.wo81tecosaix2014-03-272.html2.3、端口配置错误
5、查看当前端口?# cat /etc/ssh/sshd_config找到Port开头的行,如果前面有注释#Port,说明使用默认端口22,否如此就是使用了Port后面那个数字端口。2.4、修改了openssh端口,但没有重启服务这种问题一般是修改了端口后/etc/ssh/sshd_config中的Port行,没有重启openssh服务,重启方法:# stopsrc -s sshd# startsrc -ssshd2.5、修改了openssh端口,但是端口冲突了症状:客户端登录时没有反响。我曾经将/etc/ssh/sshd_config中的#Port 22 改成了 Port 25 做过测试,确实客
6、户端没有反响了,后来改成 Port 29 就可以连接上了。2.6、协议不匹配The client has disconnected from the server. Reason:Protocol version mismatch. Required protocol version is 1.3 - 1.99. Received version was 2.0.这是因为客户端登录时选择了ssh1协议,aix6.1安装openssh后默认使用2.0协议,需要客户端登录的协议改成ssh2即可登录。附件 相关资料1、查看ssh进程# ps -ef | grep sshd root 430148 1
7、59844 0 02:26:48 - 0:00 /usr/sbin/sshd2、重启sshd服务0513-044 The /usr/sbin/sshd Subsystem was requested to stop.0513-059 The sshd Subsystem has been started. Subsystem PID is241868.3、/etc/ssh/sshd_config配置文件示例# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $# This is the sshd server system-wi
8、de configuration file. See# sshd_config(5) for more information.# This sshd was piled with PATH=/usr/bin:/bin:/usr/sbin:/sbin# The strategy used for options in the default sshd_config shipped with# OpenSSH is to specify options with their default value where# possible, but leave them mented. Unmente
9、d options change a# default value.#Port 22#AddressFamily any#ListenAddress :# Disable legacy (protocol version 1) support in the server for new# installations. In future the default will change to require explicit# activation of protocol 1Protocol 2# HostKey for protocol version 1#HostKey /etc/ssh/s
10、sh_host_key# HostKeys for protocol version 2#HostKey /etc/ssh/ssh_host_rsa_key#HostKey /etc/ssh/ssh_host_dsa_key# Lifetime and size of ephemeral version 1 server key#KeyRegenerationInterval 1h#ServerKeyBits 1024# Logging# obsoletes QuietMode and FascistLogging#SyslogFacility AUTH#LogLevel INFO# Auth
11、entication:#LoginGraceTime 2m#PermitRootLogin yes#StrictModes yes#MaxAuthTries 6#MaxSessions 10#RSAAuthentication yes#PubkeyAuthentication yes#AuthorizedKeysFile .ssh/authorized_keys# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts#RhostsRSAAuthentication no# similar for protocol version 2#HostbasedAuthentication no# Change to yes if you dont trust /.ssh/known_hosts for# RhostsRSAAuthentication and HostbasedAuthentication#IgnoreUserKnownHosts no# Dont read the users /.rhosts and /.shosts files#IgnoreRhosts yes# To disable tunneled clear text passwords, change to
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1