作为一个运维 不是你懂多少知识才是你的价值 你有幸能遇到多少错误才是你的最大的价值

知识 你有我有大家有  错误我有你没有 这便是我的价值

我遇到一个错误 蛮难遇到的一个错误 所以想分享给大家 

下面我在模拟机演示给大家 用 root权限 避免你们说是因为权限的错误

2017年9月5日 我在切换sftp时候遇到一个错误(端口号是22 说写端口号的闭嘴)

[root@backup ssh]# sftp -oPort=22 root@10.0.0.31

Connecting to 10.0.0.31...

The authenticity of host '10.0.0.31 (10.0.0.31)' can't be established.

RSA key fingerprint is 25:4d:a6:65:1b:77:85:41:f0:18:07:c8:e0:12:c9:9b.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '10.0.0.31' (RSA) to the list of known hosts.

root@10.0.0.31's password:

subsystem request failed on channel 0

Couldn't read packet: Connection reset by peer

 

我们来看看这个错误 

Couldn't read packet: Connection reset by peer

 无法读取数据包:通过对等项重置连接

这是一个很难遇到的错误

 

排查之路:

tail -f /var/log/messages

Sep  5 12:31:53 backup sshd[3131]: subsystem request for sftp failed, subsyst found

Sep  5 12:37:15 backup sshd[3136]: Accepted password for root from 10.0.0.31 9088 ssh2

Sep  5 12:37:15 backup sshd[3136]: subsystem request for sftp

Sep  5 12:37:15 backup sshd[3136]: subsystem request for sftp failed, subsyst found

 

 

[root@backup ssh]# rpm -ql openssh-clients

/etc/ssh/ssh_config

/usr/bin/.ssh.hmac

/usr/bin/scp

/usr/bin/sftp

/usr/bin/slogin

/usr/bin/ssh

/usr/bin/ssh-add

/usr/bin/ssh-agent

/usr/bin/ssh-copy-id

 

[root@backup ssh]# grep sftp /etc/ssh/sshd_config

Subsystem        sftp  /usr/libexec/openssh/sftp-server

[root@backup ssh]# ll /usr/libexec/openssh/sftp-server

-rwxr-xr-x. 1 root root 67640 Mar 22 16:33 /usr/libexec/openssh/sftp-server

 

查看文档

 

 

If so, it's the cause of this error message. That's especially true if your sftp user is logging into a chrooted environment, where "/usr/lib" probably does not exist. My own sftp server is configured this way.

 

However, SSHD has the sftp functionality built-in and does not need to execute an external "helper" program like that. So, if you have a line like the above, it can be fixed by changing it to:

如果是,这是错误消息的原因。尤其是,如果您的sftp用户登录到一个chrooted环境,其中“/ usr /lib”可能不存在。我自己的sftp服务器是这样配置的。

 

但是,sshd具有内置的sftp功能,不需要执行像这样的外部“助手”程序。因此,如果您有类似上述的行,可以通过将其更改为:

 

 

 错误解决逻辑图

 

posted on 2017-09-05 15:28  一刀一刀  阅读(23793)  评论(0编辑  收藏  举报