I intend to connect to the ubuntu, at home through ssh on the public network. The current situation is as follows:
- Home bandwidth has public network IP, and ssh port of ubuntu is mapped to public network through router port mapping
- the ubuntu of the private network connection at home is normal. Public network access can establish a TCP connection, but cannot log in
- obtain detailed connection information through
ssh-vvv IP-p 22333
as follows
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to IP port 22333.
debug1: Connection established.
debug1: identity file /home/treesea/.ssh/identity type -1
debug1: identity file /home/treesea/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /home/treesea/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type "-----BEGIN"
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type "-----END"
debug3: key_read: missing keytype
debug1: identity file /home/treesea/.ssh/id_rsa type 1
debug1: identity file /home/treesea/.ssh/id_rsa-cert type -1
debug1: identity file /home/treesea/.ssh/id_dsa type -1
debug1: identity file /home/treesea/.ssh/id_dsa-cert type -1
debug1: identity file /home/treesea/.ssh/id_ecdsa type -1
debug1: identity file /home/treesea/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4
debug1: match: OpenSSH_7.6p1 Ubuntu-4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 864 bytes for a total of 885
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 909
Connection closed by IP
sshd_config of ubuntu
is as follows
1 | -sharp $OpenBSD: sshd_config,v 1.101 2017/03/14 07:19:07 djm Exp $
2
3 -sharp This is the sshd server system-wide configuration file. See
4 -sharp sshd_config(5) for more information.
5
6 -sharp This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
7
8 -sharp The strategy used for options in the default sshd_config shipped with
9 -sharp OpenSSH is to specify options with their default value where
10 -sharp possible, but leave them commented. Uncommented options override the
11 -sharp default value.
12
13 -sharpPort 22
14 -sharpAddressFamily any
15 -sharpListenAddress 0.0.0.0
16 -sharpListenAddress ::
17
18 -sharpHostKey /etc/ssh/ssh_host_rsa_key
19 -sharpHostKey /etc/ssh/ssh_host_ecdsa_key
20 -sharpHostKey /etc/ssh/ssh_host_ed25519_key
21
22 -sharp Ciphers and keying
23 -sharpRekeyLimit default none
24
25 -sharp Logging
26 -sharpSyslogFacility AUTH
27 -sharpLogLevel INFO
28
29 -sharp Authentication:
30
31 -sharpLoginGraceTime 2m
32 -sharpPermitRootLogin prohibit-password
33 -sharpStrictModes yes
34 -sharpMaxAuthTries 6
35 -sharpMaxSessions 10
36
37 -sharpPubkeyAuthentication yes
38
39 -sharp Expect .ssh/authorized_keys2 to be disregarded by default in future.
40 -sharpAuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
41
42 -sharpAuthorizedPrincipalsFile none
43
44 -sharpAuthorizedKeysCommand none
45 -sharpAuthorizedKeysCommandUser nobody
46
47 -sharp For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
48 -sharpHostbasedAuthentication no
49 -sharp Change to yes if you don"t trust ~/.ssh/known_hosts for
50 -sharp HostbasedAuthentication