ssh2模块使用从CLI成功的信用卡静默失败
[英]ssh2 module fails silently with creds that succeed from CLI
问题描述
I've successfully ssh 'd into Google Cloud Compute via CLI with a command like the following: 
我已经成功地ssh “d为通过CLI谷歌云计算与类似下面的命令:
ssh -i ~/.ssh/my-ssh-key me@ipnumber
But using the ssh2 module isn't giving any output, including errors. 但是使用ssh2模块不会提供任何输出,包括错误。
var fs = require('fs');
var Client = require('ssh2').Client;
var connSettings = {
host: IP, // 'XXX.XXX.XXX.XX'
port: PORT, // XXXX
username: ME,
privateKey: privateKey, //fs.readFileSync(location, 'utf8')
passphrase: passphrase,
password: password
};
var conn = new Client();
conn.on('ready', function() { //first example in README
console.log('Client :: ready');
conn.exec('uptime', function(err, stream) {
if (err) throw err; //nothing
stream.on('close', function(code, signal) {
console.log('Stream :: close :: code: ' + code + ', signal: ' + signal); //nothing
conn.end();
}).on('data', function(data) {
console.log('STDOUT: ' + data); //nothing
}).stderr.on('data', function(data) {
console.log('STDERR: ' + data); //nothing
});
});
})
.on('error', function(err) {
console.error('err', error); //nothing
})
.connect(connSettings);
I'm tailing /var/log/secure as I'm debugging the node script and I can see log entries when I ssh in and close the session from CLI, but nothing at all when I try through node ssh2 . 当我正在调试节点脚本时,我正在跟踪/var/log/secure我在ssh进入并从CLI关闭会话时可以看到日志条目,但是当我尝试通过节点ssh2时什么都没有。
What could be causing this connection to fail silently? 什么可能导致此连接无声地失败?
1 个解决方案
解决方案1
5 已采纳 2017-01-30 00:12:58
UPDATE : I have it on good authority that your client would log the server ident string , and that is sent immediately upon connection. 更新 :我有良好的权限,您的客户端将记录服务器标识字符串 ,并在连接后立即发送。 So if you don't see that information, it must be the case that the server is not sending anything . 因此,如果您没有看到该信息,则必须是服务器未发送任何内容的情况 。 Now since you tried with CLI SSH and it works, once we exclude the impossible, the only remaining explanation, unlikely as it may seem, is that you are not connecting to the same server/port . 现在,既然您尝试使用CLI SSH并且它可以正常工作,那么一旦我们排除了不可能的情况,唯一剩下的解释(不太可能看起来似乎)是您没有连接到同一服务器/端口 。 For some reason, port 8080 on the destination server isn't running a SSH2 server. 由于某种原因,目标服务器上的端口8080未运行SSH2服务器。
One possible interpretation is this: the server is running something else on port 8080, that allows connection but doesn't send anything initially (eg a HTTP server). 一种可能的解释是:服务器在端口8080上运行其他东西,它允许连接但最初不发送任何东西(例如HTTP服务器)。 When you connect with the CLI SSH, you think that it is using port 8080, but for some reason that directive in the ssh_config file does not kick in, and the CLI SSH connects to the true SSH server, and works, while the node SSH connects to a different server, and that's why it does not work. 当您使用CLI SSH连接时,您认为它正在使用端口8080,但由于某种原因,ssh_config文件中的指令没有启动,并且CLI SSH连接到真正的SSH服务器,并且工作,而节点SSH连接到不同的服务器,这就是它不起作用的原因。
To check, try telnet'ting to port 8080 of that server and verify that it does respond with a SSH2 banner: 要检查,请尝试telnet'ting到该服务器的端口8080并验证它是否确实响应了SSH2横幅:
Connected to xxx.xxx.xxx.xxx port 22
Escape character is '^]'.
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
^C
Connection closed by foreign host.
If it does not answer with the "SSH-..." banner, I think this demonstrates sufficiently that the CLI SSH is connecting elsewhere. 如果它没有回答 “SSH -...”横幅,我认为这足以证明CLI SSH正在连接其他地方。 Where? 哪里? To discover this, run again the CLI SSH with debug: 要发现这一点,请再次运行带有debug的CLI SSH:
ssh -vvv xxx.xxx.xxx.xxx ... 2>&1 | grep "Connecting to"
(You'll have to exit by hitting Ctrl-C). (您必须通过按Ctrl-C退出)。 This should give you: 这应该给你:
debug1: Connecting to whatever [xxx.xxx.xxx.xxx] port XYZK
And that xxx.xxx.xxx.xxx and XYZK values are the ones you'll need to pass to the node client. 并且xxx.xxx.xxx.xxx和XYZK值是您需要传递给node客户端的值。
PREVIOUS ANSWER 以前的答案
I am not familiar with nodejs 's SSH2, but I had a SSH2 library (closed source, at that) play this exact trick to me some months ago. 我不熟悉nodejs的SSH2,但我有一个SSH2库(封闭源代码)在几个月前向我发挥这个诀窍。 "Connected..." followed by nothing . “连接......”后面没有任何内容 。
It turned out that the client was using a cipher that the server did not support, and for some reason while this is shown by OpenSSH2's CLI client, the library chose not to display the error. 原来,客户端使用的是服务器不支持的密码,由于某些原因,OpenSSH2的CLI客户端显示了该密码,因此库选择不显示错误。 It was quite messy to get to the bottom of things. 深入了解事情是非常混乱的。
I see from the GitHub page that some ciphers require "node v0.11.12 or newer". 我从GitHub页面看到一些密码需要“node v0.11.12或更新”。 Is this your case? 这是你的情况吗? If not, you may want to try updating node . 如果没有,您可能想尝试更新node 。
In any case I'd follow @AttRigh's suggestion and run a sshd on the server in debug mode. 在任何情况下,我都会遵循@AttRigh的建议,并在调试模式下在服务器上运行sshd。 If you cannot: 如果你不能:
- log the ssh2 CLI client's output in full debug mode and extract what cipher it uses, 以完全调试模式记录ssh2 CLI客户端的输出并提取它使用的密码,
- set up a sshd server with that cipher and no others, 使用该密码设置sshd服务器而不使用其他服务器,
- run your node client against that server. 针对该服务器运行您的节点客户端。
Also, now that I come to think of it, you might set up a sshd server anyway with default settings, and ensure that you can connect to that . 此外,现在我开始考虑它,您可以使用默认设置设置sshd服务器,并确保您可以连接到该服务器 。 This would circumscribe somewhat the problem. 这会在一定程度上限制问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.