Linux nginx+;ssh_exchange_标识:远程主机关闭的连接
nginx服务器作为反向代理服务器连接到上游,以在一个端口(12345)上分离SSH和SSL。nginx识别数据传输协议,并在两个端口上相应地分离代理后面的数据通信量->SSH转发到端口9999,SSL请求转发到端口8080(pythonweb服务器) nginx的配置如下: /etc/nginx/nginx_confLinux nginx+;ssh_exchange_标识:远程主机关闭的连接,linux,nginx,raspberry-pi,Linux,Nginx,Raspberry Pi,nginx服务器作为反向代理服务器连接到上游,以在一个端口(12345)上分离SSH和SSL。nginx识别数据传输协议,并在两个端口上相应地分离代理后面的数据通信量->SSH转发到端口9999,SSL请求转发到端口8080(pythonweb服务器) nginx的配置如下: /etc/nginx/nginx_conf [...] stream { upstream ssh { server localhost:9999; } upstream htt
[...]
stream {
upstream ssh {
server localhost:9999;
}
upstream https {
server localhost:8080;
}
map $ssl_preread_protocol $upstream {
default ssh;
"" https;
"TLSv1.2" https;
"TLSv1.3" https;
"TLSv1.1" https;
"TLSv1.0" https;
}
# SSH and SSL on the same port
server {
listen 12345;
proxy_pass $upstream;
ssl_preread on;
}
}
[...]
当通过调用web服务器时http://rpi_ip:12345,端口8080被干净地转发,并根据请求执行对web服务器的访问
问题在于试图通过SSH建立连接
我可以通过ssh本地连接到Raspberry Piuser@ip-rpi-p 9999,但不通过nginx端口12345
/etc/ssh/sshd_config中的调整
[...]
Port 9999
AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::
[...]
对ssh的调用user@ip-rpi-p 12345-vvv带来:
OpenSSH_7.9p1 Raspbian-10+deb10u2, OpenSSL 1.1.1d 10 Sep 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.2.198 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.2.198 [192.168.2.198] port 12345.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2
debug1: ssh_exchange_identification: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
debug1: ssh_exchange_identification: "http://www.w3.org/TR/html4/strict.dtd">
debug1: ssh_exchange_identification: <html>
debug1: ssh_exchange_identification: <head>
debug1: ssh_exchange_identification: <meta http-equiv="Content-Type" content="text/html;charset=utf-8">
debug1: ssh_exchange_identification: <title>Error response</title>
debug1: ssh_exchange_identification: </head>
debug1: ssh_exchange_identification: <body>
debug1: ssh_exchange_identification: <h1>Error response</h1>
debug1: ssh_exchange_identification: <p>Error code: 400</p>
debug1: ssh_exchange_identification: <p>Message: Bad HTTP/0.9 request type ('SSH-2.0-OpenSSH_7.9p1').</p>
debug1: ssh_exchange_identification: <p>Error code explanation: HTTPStatus.BAD_REQUEST - Bad request syntax or unsupported method.</p>
debug1: ssh_exchange_identification: </body>
debug1: ssh_exchange_identification: </html>
ssh_exchange_identification: Connection closed by remote host
OpenSSH_7.9p1 Raspbian-10+deb10u2,OpenSSL 1.1.1d 2019年9月10日
debug1:读取配置数据/etc/ssh/ssh\u config
debug1:/etc/ssh/ssh\u配置第19行:应用*
debug2:resolve_规范化:主机名192.168.2.198是地址
debug2:ssh\u connect\u direct
debug1:连接到192.168.2.198[192.168.2.198]端口12345。
debug1:已建立连接。
debug1:identity file/root/.ssh/id_rsa type-1
debug1:identity file/root/.ssh/id\u rsa-cert类型-1
debug1:标识文件/root/.ssh/id_dsa类型-1
debug1:identity file/root/.ssh/id_dsa-cert类型-1
debug1:identity file/root/.ssh/id_ecdsa type-1
debug1:identity file/root/.ssh/id_ecdsa-cert type-1
debug1:identity file/root/.ssh/id_ed25519 type-1
debug1:identity file/root/.ssh/id_ed25519-cert type-1
debug1:identity file/root/.ssh/id_xmss type-1
debug1:identity file/root/.ssh/id_xmss-cert type-1
debug1:本地版本字符串SSH-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:错误响应
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:错误响应
debug1:ssh\u交换\u标识:错误代码:400
debug1:ssh\u交换\u标识:消息:错误的HTTP/0.9请求类型('ssh-2.0-OpenSSH\u 7.9p1')
debug1:ssh\u交换\u标识:错误代码解释:HTTPStatus.BAD\u请求-错误请求语法或不支持的方法
debug1:ssh\u交换\u标识:
debug1:ssh\u交换\u标识:
ssh_exchange_标识:远程主机关闭的连接
在这一点上,我希望你的帮助/想法来解决我的问题。改变”https代码>到”ssh代码>应该可以工作
从:
我尝试过:更改“”https;“ssh”;ssh连接确实有效,但当我设置https连接时,浏览器中会返回以下内容:ssh-2.0-OpenSSH_7.9p1 Raspbian-10+deb10u2协议不匹配。所以现在问题变了。
map $ssl_preread_protocol $upstream {
"" ssh.example.com:22;
"TLSv1.2" new.example.com:443;
default tls.example.com:443;
}