使用IPv6地址的SSH连接

Home PDF Audio English 中文 日本語 Español हिंदी Français Deutsch العربية 繁體中文

---

我正在尝试使用IPv6连接到Hetzner Cloud中的机器。ssh 2a01:4f8:c17:2000::/64 不起作用，但 ssh root@2a01:4f8:c17:2000::1 可以。

IPv6地址是从Hetzner Cloud控制台复制的。

可以配置~/.ssh/config文件为IPv4和IPv6地址应用不同的代理规则。此设置允许您为IPv4地址指定代理命令，同时以不同方式处理IPv6地址。

Host 192.168.1.*
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa 
Host *.*.*.*
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa
    ProxyCommand corkscrew localhost 7890 %h %p
Host *
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa   

运行ssh root@192.168.1.3时，以下输出显示SSH客户端正在应用~/.ssh/config文件中的配置选项：

debug1: Reading configuration data /Users/lzwjava/.ssh/config
debug1: /Users/lzwjava/.ssh/config line 1: Applying options for 192.168.1.*
debug1: /Users/lzwjava/.ssh/config line 5: Applying options for *.*.*.*
debug2: add_identity_file: ignoring duplicate key ~/.ssh/id_rsa
debug1: /Users/lzwjava/.ssh/config line 10: Applying options for *
debug2: add_identity_file: ignoring duplicate key ~/.ssh/id_rsa
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: include /etc/ssh/ssh_config.d/* matched no files
debug1: /etc/ssh/ssh_config line 54: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.1.3 is address
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/Users/lzwjava/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/Users/lzwjava/.ssh/known_hosts2'
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug3: channel_clear_timeouts: clearing
debug1: Executing proxy command: exec corkscrew localhost 7890 192.168.1.3 22

SSH连接速度明显缓慢，所以我恢复到以下更简单的配置：

Host 192.168.1.*
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa 
Host *
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa  
    ProxyCommand corkscrew localhost 7890 %h %p 

当使用ProxyCommand corkscrew localhost 7890 %h %p指令使用IPv6地址时，问题就出现了，因为此代理命令可能无法正确处理IPv6地址。

上面的配置仍然不起作用。但是，下面的配置可以正常工作。

Host 192.168.1.*
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa 
Host !192.*.*.*
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa  
    ProxyCommand corkscrew localhost 7890 %h %p 
Host *
    UseKeychain yes
    AddKeysToAgent yes
    IdentityFile ~/.ssh/id_rsa  

---

Back 2025.02.22 Donate