为什么我不能使用我的域名ssh但使用IP地址?
所以我有一台电脑,我试图在家里设置为服务器。 我安装了ssh服务器,并在我的笔记本电脑上运行ssh客户端。 ssh工作正常,我使用公钥进行安全性并禁用密码。
我没有静态IP地址,所以我有一个域名,在下面将它称为domain.online,我通过namecheap得到了这个。 我在家庭服务器上运行ubuntu服务器,在我的笔记本电脑上运行ubuntu。 我根据namecheap上的文档和DynamicDNS上的官方ubuntu文档配置了ddclient 。
我与来自namecheap的代表进行了交谈,他们确认我已正确设置了名称服务器。 但当我试图通过ssh进入服务器;
ssh username@domain.online 我得到了;
connect to host domain.online port 22: connection refused
我在路由器上启用了端口转发function。 我目前正在远程ssh进入服务器,所以端口转发工作正常。 (我打电话给我的妻子,让她在whatsmyip上查看ip地址)。
UFW也被禁用。
以下是我的ddclient.conf文件;
es# Configuration file for ddclient generated by debconf # # /etc/ddclient.conf #pid=/var/run/ddclient.pid #use=if, if=enp2s0f0 use=web, web=dynamicdns.park-your-domain.com/getip protocol=namecheap #ssl=yes server=dynamicdns.park-your-domain.com login=domain.online password=################ www
以下是我的sshd_config文件;
# $OpenBSD: sshd_config,v 1.100 2016/08/15 12:32:04 naddy Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options override the # default value. #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key # Ciphers and keying #RekeyLimit default none # Logging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin prohibit-password #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 PubkeyAuthentication yes RSAAuthentication yes # Expect .ssh/authorized_keys2 to be disregarded by default in future. AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 #AuthorizedPrincipalsFile none #AuthorizedKeysCommand none #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no #PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes #GSSAPIStrictAcceptorCheck yes #GSSAPIKeyExchange no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes #AllowAgentForwarding yes AllowTcpForwarding yes #GatewayPorts no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation sandbox #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS no #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 #PermitTunnel no #ChrootDirectory none #VersionAddendum none # no default banner path #Banner none # Allow client to pass locale environment variables AcceptEnv LANG LC_* # override default of no subsystems Subsystem sftp /usr/lib/openssh/sftp-server # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server
我不知道该文件是否是必要的,但我想有人会要求它
所以,再次,我的问题是为什么当我打字
ssh username@domain.online
我得到连接拒绝错误,但当我
ssh username@00.00.00.00
我成功连接到我的服务器。
另外, sudo service ddclient status的结果是:
ddclient.service - LSB: Update dynamic domain name service entries Loaded: loaded (/etc/init.d/ddclient; generated; vendor preset: enabled) Active: active (running) since Tue 2017-06-27 14:21:21 EDT; 23h ago Docs: man:systemd-sysv-generator(8) Tasks: 1 (limit: 4915) Memory: 8.7M CPU: 5.581s CGroup: /system.slice/ddclient.service └─7217 ddclient - sleeping for 10 seconds Jun 27 14:21:20 computer-name systemd[1]: Starting LSB: Update dynamic domai Jun 27 14:21:21 computer-name systemd[1]: Started LSB: Update dynamic domain lines 1-12/12 (END)
尝试dig +short "your_domain" @8.8.8.8以在google公共RNS上执行DNS查找。 如果返回了您的真实IP地址,您将知道问题不在于域名解析。