通过MobaXterm建立SSH隧道进行远程转发

 远程转发：

 建立SSH隧道

 

 然后看我这台阿里云能不能ssh到虚拟机服务器

[root@iZbp145axkc98giot5b448Z ~]# ssh root@127.0.0.1 -p 8888
The authenticity of host '[127.0.0.1]:8888 ([127.0.0.1]:8888)' can't be establis                                                                                     hed.
ECDSA key fingerprint is SHA256:0Spmsmh65ihKQh+mZTgqHwMBFt6DC9e0scSFJij0SFM.
ECDSA key fingerprint is MD5:d7:f8:39:6e:84:a0:d4:9b:9a:03:f9:fa:b9:66:e2:23.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[127.0.0.1]:8888' (ECDSA) to the list of known hosts                                                                                     .
root@127.0.0.1's password:
Last login: Mon Mar 30 22:16:36 2020
[root@topcheer ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 02:42:63:95:56:b5  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.180.113  netmask 255.255.255.0  broadcast 192.168.180.255
        inet6 fe80::5525:8ab1:3e17:705  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:4d:67:37  txqueuelen 1000  (Ethernet)
        RX packets 113416  bytes 163356890 (155.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7431  bytes 709934 (693.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 212  bytes 23052 (22.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 212  bytes 23052 (22.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:27:04:0d  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@topcheer ~]#

发现可以成功，然后我再这台阿里云SSH到别的一台阿里云，在SSH到虚拟机发现，不行，原因如下：

[root@iZbp145axkc98giot5b448Z ~]# netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      25181/httpd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      27289/sshd
tcp        0      0 127.0.0.1:8888          0.0.0.0:*               LISTEN      26951/sshd: root
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      9297/master
tcp6       0      0 :::7946                 :::*                    LISTEN      9848/dockerd
tcp6       0      0 :::3306                 :::*                    LISTEN      7507/mysqld
tcp6       0      0 :::25                   :::*                    LISTEN      9297/master

8888端口是本地的，需要修改配置文件

[root@iZbp145axkc98giot5b448Z ~]# vim /etc/ssh/sshd_config
[root@iZbp145axkc98giot5b448Z ~]# service sshd restart
Redirecting to /bin/systemctl restart sshd.service

 然后再重启隧道，就可以了

[root@iZbp145axkc98giot5b448Z ~]# netstat -nltp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      25181/httpd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      27289/sshd
tcp        0      0 0.0.0.0:8888            0.0.0.0:*               LISTEN      27302/sshd: root
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN      9297/master
tcp6       0      0 :::7946                 :::*                    LISTEN      9848/dockerd
tcp6       0      0 :::3306                 :::*                    LISTEN      7507/mysqld
tcp6       0      0 :::25                   :::*                    LISTEN      9297/master
[root@iZbp145axkc98giot5b448Z ~]#

再开始测试

[root@iZbp143t3oxhfc3ar7jey0Z ~]# ssh root@172.16.25.74
The authenticity of host '172.16.25.74 (172.16.25.74)' can't be established.
ECDSA key fingerprint is SHA256:dAjU+6+NkBMm2b6/PJiCV8sXtGnRIASG4WfNsSzpiPM.
ECDSA key fingerprint is MD5:68:db:06:e4:0e:5a:38:15:3e:52:22:1e:1c:55:71:d9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '172.16.25.74' (ECDSA) to the list of known hosts.
root@172.16.25.74's password:
Last login: Mon Mar 30 20:46:17 2020 from 183.160.51.73

Welcome to Alibaba Cloud Elastic Compute Service !

[root@iZ1la3d1xbmukrZ ~]# ssh root@172.16.123.216 -p 8888
The authenticity of host '[172.16.123.216]:8888 ([172.16.123.216]:8888)' can't be established.
ECDSA key fingerprint is SHA256:0Spmsmh65ihKQh+mZTgqHwMBFt6DC9e0scSFJij0SFM.
ECDSA key fingerprint is MD5:d7:f8:39:6e:84:a0:d4:9b:9a:03:f9:fa:b9:66:e2:23.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[172.16.123.216]:8888' (ECDSA) to the list of known hosts.
root@172.16.123.216's password:
Permission denied, please try again.
root@172.16.123.216's password:
Permission denied, please try again.
root@172.16.123.216's password:
Last failed login: Mon Mar 30 23:06:29 CST 2020 from 192.168.180.1 on ssh:notty
There were 2 failed login attempts since the last successful login.
Last login: Mon Mar 30 23:03:22 2020 from 192.168.180.1
[root@topcheer ~]#

注意ssh -p 8888的时候，输入的是虚拟机的密码