Debian服务器与特定Raspberry Pi间SSH连接失败及NFS挂载后无法访问问题求助
2026-4-20
Debian服务器与特定Raspberry Pi间SSH连接失败及NFS挂载后无法访问问题求助
大家好,我遇到了一个非常奇怪的网络问题,折腾了很久都没头绪,想请各位帮忙分析下:
环境说明
- 服务器:ServerA(Debian Bookworm)
- 客户端:PI1、PI2、PI3(均为Raspbian Bookworm)
- 所有设备处于同一子网,连接同一WiFi接入点,防火墙配置完全一致,跨设备的用户UID和GID也完全相同
NFS共享异常情况
我在ServerA上配置了NFS共享,导出项如下:
/mnt/NAS 192.168.1.0/255.255.255.0(no_root_squash,async,insecure,no_subtree_check,nohide,rw,fsid=0,crossmnt)
- PI1和PI2都能正常访问这个共享,读写操作完全没问题
- PI3看起来成功挂载了共享,执行
mount命令能看到如下信息:192.168.1.2:/mnt/NAS on /mnt/NAS type nfs (rw,relatime,vers=3,rsize=1048576,wsize=1048576,namlen=255,soft,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.1.2,mountvers=3,mountport=56271,mountproto=tcp,local_lock=none,addr=192.168.1.2) - ServerA的日志也显示PI3的挂载请求已经通过认证:
Dec 30 16:26:39 thindebian daemon.notice rpc.mountd[2099]: authenticated mount request from 192.168.1.104:1006 for /mnt/NAS (/mnt/NAS) - 但当我在PI3上执行
ls /mnt/NAS时,命令会无限挂起,既没有报错也没有权限提示,只能按CTRL+C强制终止
SSH连接异常情况
更奇怪的是,ServerA和PI3之间的SSH连接双向都失败,但其他设备之间的连接一切正常:
- PI3无法SSH到ServerA,ServerA也无法SSH到PI3
- PI3可以正常SSH到PI1、PI2;PI1、PI2也能正常SSH到PI3;我的笔记本可以正常SSH到PI3;PI1、PI2也能正常SSH到ServerA
SSH连接失败的具体现象
从PI3连接到ServerA:
- 执行命令:
ssh root@192.168.1.2 - PI3端会提示:
Connection closed by 192.168.1.2 port 22 - ServerA的日志记录:
Dec 30 18:02:49 thindebian auth.info sshd[81994]: Connection from 192.168.1.104 port 41742 on 192.168.1.2 port 22 rdomain "" Dec 30 18:03:54 thindebian auth.crit sshd[81843]: fatal: Timeout before authentication for 192.168.1.104 port 52798
- 执行命令:
从ServerA连接到PI3(带
-v调试参数):
调试输出卡在了expecting SSH2_MSG_KEX_ECDH_REPLY这一步,完整的调试信息如下:debug1: Connecting to 192.168.1.104 [192.168.1.104] port 22. debug1: Connection established. debug1: identity file /home/john/.ssh/id_rsa type 0 debug1: identity file /home/john/.ssh/id_rsa-cert type -1 debug1: identity file /home/john/.ssh/id_ecdsa type -1 debug1: identity file /home/john/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/john/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/john/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/john/.ssh/id_ed25519 type -1 debug1: identity file /home/john/.ssh/id_ed25519-cert type -1 debug1: identity file /home/john/.ssh/id_ed25519_sk type -1 debug1: identity file /home/john/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/john/.ssh/id_xmss type -1 debug1: identity file /home/john/.ssh/id_xmss-cert type -1 debug1: identity file /home/john/.ssh/id_dsa type -1 debug1: identity file /home/john/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2 debug1: Remote protocol version 2.0, remote software version OpenSSH_9.2p1 -2+deb12u1 debug1: compat_banner: match: OpenSSH_9.2p1 -2+deb12u1 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 192.168.1.104:22 as 'john' debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: aes128-ctr MAC: umac-64-etm@openssh.com compression: none debug1: kex: client->server cipher: aes128-ctr MAC: umac-64-etm@openssh.com compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY- 反过来从PI3连接到ServerA的调试输出,同样卡在了这个阶段
已尝试但无效的解决方案
- 将所有设备的MTU值统一调整为1500
- 手动指定MAC算法连接:
ssh -o MACs=hmac-sha2-256 <HOST>
现在完全搞不懂为什么只有ServerA和PI3之间的连接有问题,其他设备间都正常,希望各位能给点思路!
备注:内容来源于stack exchange,提问作者John Tetreault
