先日、Windows 10とUbuntu 20のデュアルブート環境を構築しました。
このUbuntuにsshクライアントでログインしようとしたら接続できませんでした。
あれ!? sshd、動いていない?
最小インストールしたからなのか、ssh serverがインストールされていませんでした。
- ssh serverのインストール
- 自動起動の確認
- 起動確認
- ファイアウォールの確認
- sshd_config
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 |
rootlinks@Ubuntu20:~$ sudo apt install openssh-server Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libfprint-2-tod1 libllvm10 Use 'sudo apt autoremove' to remove them. The following additional packages will be installed: ncurses-term openssh-sftp-server ssh-import-id Suggested packages: molly-guard monkeysphere ssh-askpass The following NEW packages will be installed: ncurses-term openssh-server openssh-sftp-server ssh-import-id 0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded. Need to get 688 kB of archives. After this operation, 6010 kB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://jp.archive.ubuntu.com/ubuntu focal/main amd64 ncurses-term all 6.2-0ubuntu2 [249 kB] Get:2 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 openssh-sftp-server amd64 1:8.2p1-4ubuntu0.3 [51.5 kB] Get:3 http://jp.archive.ubuntu.com/ubuntu focal-updates/main amd64 openssh-server amd64 1:8.2p1-4ubuntu0.3 [377 kB] Get:4 http://jp.archive.ubuntu.com/ubuntu focal/main amd64 ssh-import-id all 5.10-0ubuntu1 [10.0 kB] Fetched 688 kB in 0s (2571 kB/s) Preconfiguring packages ... Selecting previously unselected package ncurses-term. (Reading database ... 162200 files and directories currently installed.) Preparing to unpack .../ncurses-term_6.2-0ubuntu2_all.deb ... Progress: [ 0%] [.................................................................................Progress: [ 6%] [######...........................................................................Unpacking ncurses-term (6.2-0ubuntu2) ... Progress: [ 12%] [############.....................................................................Selecting previously unselected package openssh-sftp-server. Preparing to unpack .../openssh-sftp-server_1%3a8.2p1-4ubuntu0.3_amd64.deb ... Progress: [ 18%] [##################...............................................................Unpacking openssh-sftp-server (1:8.2p1-4ubuntu0.3) ... Progress: [ 24%] [########################.........................................................Selecting previously unselected package openssh-server. Preparing to unpack .../openssh-server_1%3a8.2p1-4ubuntu0.3_amd64.deb ... Progress: [ 29%] [###############################..................................................Unpacking openssh-server (1:8.2p1-4ubuntu0.3) ... Progress: [ 35%] [#####################################............................................Selecting previously unselected package ssh-import-id. Preparing to unpack .../ssh-import-id_5.10-0ubuntu1_all.deb ... Progress: [ 41%] [###########################################......................................Unpacking ssh-import-id (5.10-0ubuntu1) ... Progress: [ 47%] [#################################################................................Setting up openssh-sftp-server (1:8.2p1-4ubuntu0.3) ... Progress: [ 53%] [########################################################.........................Progress: [ 59%] [##############################################################...................Setting up openssh-server (1:8.2p1-4ubuntu0.3) ... Progress: [ 65%] [####################################################################......................................] Creating config file /etc/ssh/sshd_config with new version Creating SSH2 RSA key; this may take some time ... 3072 SHA256:VZLtafXP1Z97lp7X82nn3xw3/rTBV3BxJK29suc0/RQ root@Ubuntu20 (RSA) Creating SSH2 ECDSA key; this may take some time ... 256 SHA256:gq/FVqYBXbin4plDA5EsDyq7+0HoQrcHw3u9dTHISqg root@Ubuntu20 (ECDSA) Creating SSH2 ED25519 key; this may take some time ... 256 SHA256:R0an4yhUgozLozTXenfh0gKKGxaCYL7sHDmkMPIpLl4 root@Ubuntu20 (ED25519) Created symlink /etc/systemd/system/sshd.service -> /lib/systemd/system/ssh.service. Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service -> /lib/systemd/system/ssh.service. rescue-ssh.target is a disabled or a static unit, not starting it. Progress: [ 71%] [##########################################################################.......Setting up ssh-import-id (5.10-0ubuntu1) ... Progress: [ 76%] [#################################################################################Attempting to convert /etc/ssh/ssh_import_id Progress: [ 82%] [#################################################################################Setting up ncurses-term (6.2-0ubuntu2) ... Progress: [ 88%] [#################################################################################Progress: [ 94%] [#################################################################################Processing triggers for systemd (245.4-4ubuntu3.13) ... Processing triggers for man-db (2.9.1-1) ... Processing triggers for ufw (0.36-6ubuntu1) ... |
1 2 |
rootlinks@Ubuntu20:~$ sudo systemctl list-unit-files | grep sshd sshd.service enabled enabled |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
rootlinks@Ubuntu20:~$ sudo systemctl status sshd * ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2021-12-16 15:40:27 JST; 31min ago Docs: man:sshd(8) man:sshd_config(5) Main PID: 773 (sshd) Tasks: 1 (limit: 9468) Memory: 4.5M CGroup: /system.slice/ssh.service `-773 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups Dec 16 15:40:27 Ubuntu20 systemd[1]: Starting OpenBSD Secure Shell server... Dec 16 15:40:27 Ubuntu20 sshd[773]: Server listening on 0.0.0.0 port 22. Dec 16 15:40:27 Ubuntu20 sshd[773]: Server listening on :: port 22. Dec 16 15:40:27 Ubuntu20 systemd[1]: Started OpenBSD Secure Shell server. |
無効になっていました。標準で無効化されるのかな?
1 2 |
rootlinks@Ubuntu20:~$ sudo ufw status Status: inactive |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
rootlinks@Ubuntu20:~$ sudo cat /etc/ssh/sshd_config # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. Include /etc/ssh/sshd_config.d/*.conf #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 #PubkeyAuthentication yes # Expect .ssh/authorized_keys2 to be disregarded by default in future. #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 #AuthorizedPrincipalsFile none #AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none # no default banner path #Banner none # Allow client to pass locale environment variables AcceptEnv LANG LC_* # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server |
Windows PCからsshクライアントを使ってログインできました。