Today I planned to back up some data by copying it with scp from A_Machine to V_Machine, and got this error:
ssh_exchange_identification: read: Connection reset by peer
lost connection
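After confirming that the ssh service and the firewall on V_Machine were both working normally, I immediately suspected that portsentry had filtered the connection, so I checked syslog: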
cat /var/log/syslog|grep "A_Machine ip"
May 11 13:25:52 V_Machine portsentry[1234]: attackalert: TCP SYN/Normal scan from host: 47.aa.aa.aa/47.aa.aa.aa to TCP port: 22
May 11 13:25:52 V_Machine portsentry[1234]: attackalert: Host 47.aa.aa.aa has been blocked via wrappers with string: "ALL: 47.aa.aa.aa"
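Sure enough, portsentry had filtered it. So I added the IP to portsentry's whitelist, /usr/local/psionic/portsentry/portsentry.ignore, and restarted portsentry (kill then restart), but scp still failed...
After thinking it over: portsentry also adds blocked IPs to /etc/hosts.deny, so I edited that file and removed A_Machine's IP, and that fixed it.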
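The hosts.deny cleanup described above, as a script. This is an added example, not part of the original post: the function name unblock_host and the sample addresses are assumptions, while the entry format "ALL: <ip>" comes from the portsentry log line quoted above.

```shell
#!/bin/sh
# Added example: remove the TCP-wrappers entry portsentry wrote for one host.
# Usage: unblock_host IP [HOSTS_DENY_FILE]   (unblock_host is a hypothetical helper)
# Returns 0 if the entry was removed, 1 if it was not present, 2 on error.
unblock_host() {
    ip=$1
    deny_file=${2:-/etc/hosts.deny}
    [ -n "$ip" ] && [ -f "$deny_file" ] || return 2

    # portsentry logs the exact string it adds: "ALL: <ip>".
    # -F: fixed string, so dots are not regex wildcards.
    # -x: whole line, so 192.0.2.10 never matches 192.0.2.100.
    entry="ALL: $ip"
    grep -Fxq -- "$entry" "$deny_file" || return 1

    # Keep a copy of the file as it was before editing.
    cp -p -- "$deny_file" "$deny_file.bak" || return 2

    tmp=$(mktemp) || return 2
    # grep -v exits 1 when nothing is left to print (file held only this entry);
    # that is not an error here, anything above 1 is.
    grep -Fxv -- "$entry" "$deny_file" > "$tmp" || [ $? -eq 1 ] || return 2

    # Write back in place so owner and permissions of hosts.deny are preserved.
    cat "$tmp" > "$deny_file" || return 2
    rm -f "$tmp"
    return 0
}

# Constructed sample hosts.deny (RFC 5737 documentation addresses), runs offline.
sample=$(mktemp)
printf '%s\n' '# /etc/hosts.deny' 'ALL: 192.0.2.10' 'ALL: 192.0.2.100' > "$sample"
unblock_host 192.0.2.10 "$sample" && echo "removed; remaining entries:" && cat "$sample"
rm -f "$sample" "$sample.bak"
```

On the real /etc/hosts.deny this needs root, and the IP must already be in portsentry.ignore or the next connection will be blocked again.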
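Solution two: allow sshd for all hosts in /etc/hosts.allow, which TCP wrappers consults before /etc/hosts.deny: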
vi /etc/hosts.allow
#add:
sshd: ALL
Then:
service ssh restart