Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/linux/23.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Linux nginx+;ssh_exchange_标识:远程主机关闭的连接_Linux_Nginx_Raspberry Pi - Fatal编程技术网
Fatal编程技术网
  • linux/
  • Linux nginx+;ssh_exchange_标识:远程主机关闭的连接

Linux nginx+;ssh_exchange_标识:远程主机关闭的连接

linux nginx raspberry-pi

Linux nginx+;ssh_exchange_标识:远程主机关闭的连接,linux,nginx,raspberry-pi,Linux,Nginx,Raspberry Pi,nginx服务器作为反向代理服务器连接到上游,以在一个端口(12345)上分离SSH和SSL。nginx识别数据传输协议,并在两个端口上相应地分离代理后面的数据通信量->SSH转发到端口9999,SSL请求转发到端口8080(pythonweb服务器) nginx的配置如下: /etc/nginx/nginx_conf [...] stream { upstream ssh { server localhost:9999; } upstream htt

nginx服务器作为反向代理服务器连接到上游,以在一个端口(12345)上分离SSH和SSL。nginx识别数据传输协议,并在两个端口上相应地分离代理后面的数据通信量->SSH转发到端口9999,SSL请求转发到端口8080(pythonweb服务器)

nginx的配置如下:

/etc/nginx/nginx_conf

[...]

stream {
    upstream ssh {
        server localhost:9999;
    }

    upstream https {
        server localhost:8080;
    }

    map $ssl_preread_protocol $upstream {
        default ssh;
        "" https;
        "TLSv1.2" https;
        "TLSv1.3" https;
        "TLSv1.1" https;
        "TLSv1.0" https;
    }

    # SSH and SSL on the same port
    server {
        listen 12345;

        proxy_pass $upstream;
        ssl_preread on;
    }
}

[...]
当通过调用web服务器时http://rpi_ip:12345,端口8080被干净地转发,并根据请求执行对web服务器的访问

问题在于试图通过SSH建立连接

我可以通过ssh本地连接到Raspberry Piuser@ip-rpi-p 9999,但不通过nginx端口12345

/etc/ssh/sshd_config中的调整

[...]

Port 9999
AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::

[...]
对ssh的调用user@ip-rpi-p 12345-vvv带来:

OpenSSH_7.9p1 Raspbian-10+deb10u2, OpenSSL 1.1.1d  10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.2.198 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.2.198 [192.168.2.198] port 12345.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2
debug1: ssh_exchange_identification: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"

debug1: ssh_exchange_identification:         "http://www.w3.org/TR/html4/strict.dtd">

debug1: ssh_exchange_identification: <html>

debug1: ssh_exchange_identification:     <head>

debug1: ssh_exchange_identification:         <meta http-equiv="Content-Type" content="text/html;charset=utf-8">

debug1: ssh_exchange_identification:         <title>Error response</title>

debug1: ssh_exchange_identification:     </head>

debug1: ssh_exchange_identification:     <body>

debug1: ssh_exchange_identification:         <h1>Error response</h1>

debug1: ssh_exchange_identification:         <p>Error code: 400</p>

debug1: ssh_exchange_identification:         <p>Message: Bad HTTP/0.9 request type ('SSH-2.0-OpenSSH_7.9p1').</p>

debug1: ssh_exchange_identification:         <p>Error code explanation: HTTPStatus.BAD_REQUEST - Bad request syntax or unsupported method.</p>

debug1: ssh_exchange_identification:     </body>

debug1: ssh_exchange_identification: </html>

ssh_exchange_identification: Connection closed by remote host

OpenSSH_7.9p1 Raspbian-10+deb10u2,OpenSSL 1.1.1d 2019年9月10日
debug1:读取配置数据/etc/ssh/ssh\u config
debug1:/etc/ssh/ssh\u配置第19行:应用*
debug2:resolve_规范化:主机名192.168.2.198是地址
debug2:ssh\u connect\u direct
debug1:连接到192.168.2.198[192.168.2.198]端口12345。
debug1:已建立连接。
debug1:identity file/root/.ssh/id_rsa type-1
debug1:identity file/root/.ssh/id\u rsa-cert类型-1
debug1:标识文件/root/.ssh/id_dsa类型-1
debug1:identity file/root/.ssh/id_dsa-cert类型-1
debug1:identity file/root/.ssh/id_ecdsa type-1
debug1:identity file/root/.ssh/id_ecdsa-cert type-1
debug1:identity file/root/.ssh/id_ed25519 type-1
debug1:identity file/root/.ssh/id_ed25519-cert type-1
debug1:identity file/root/.ssh/id_xmss type-1
debug1:identity file/root/.ssh/id_xmss-cert type-1
debug1:本地版本字符串SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:错误响应
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:错误响应
debug1:ssh\u交换\u标识:错误代码:400

debug1:ssh\u交换\u标识:消息:错误的HTTP/0.9请求类型('ssh-2.0-OpenSSH\u 7.9p1')

debug1:ssh\u交换\u标识:错误代码解释:HTTPStatus.BAD\u请求-错误请求语法或不支持的方法

debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
ssh_exchange_标识:远程主机关闭的连接
在这一点上,我希望你的帮助/想法来解决我的问题。

改变
”https
”ssh应该可以工作

从:

我尝试过:更改“”https;“ssh”;ssh连接确实有效,但当我设置https连接时,浏览器中会返回以下内容:ssh-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2协议不匹配。所以现在问题变了。

map $ssl_preread_protocol $upstream {
    ""        ssh.example.com:22;
    "TLSv1.2" new.example.com:443;
    default   tls.example.com:443;
}