[GH-ISSUE #1226] 配置ssh穿透后，服务端会持续出现大量冗余信息 get a new work connection: [y.y.y.y:60690] 客户端日志文件持续出现信息 sshd[21354]: Did not receive identification string from 127.0.0.1 #965

New issue

Closed

opened 2026-05-05 12:37:05 -06:00 by gitea-mirror · 2 comments

gitea-mirror commented

2026-05-05 12:37:05 -06:00

Owner

Originally created by @emacle on GitHub (Apr 30, 2019).
Original GitHub issue: https://github.com/fatedier/frp/issues/1226

Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly.
(为了节约时间，提高处理问题的效率，不按照格式填写的 issue 将会直接关闭。)

Use the commands below to provide key information from your environment:
You do NOT have to include this information if this is a FEATURE REQUEST

What version of frp are you using (./frpc -v or ./frps -v)?
0.27.0

What operating system and processor architecture are you using (go env)?
客户端 Ubuntu 16.04 LTS x86_64
服务端CentOS 6.9 x86_64

Configures you used:
客户端配置

[common]
server_addr = x.x.x.x
server_port = 7005
token = test123

[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 7003

服务端（公网IP x.x.x.x）配置

[common]
bind_port = 7005
token = test123

Steps to reproduce the issue:
1.启动服务端 ./frps -c frps.ini
2.启动客户端 ./frpc -c frpc.ini

Describe the results you received:

ssh 穿透配置后，穿透连接没有问题，但是出现下面两个问题
服务端控制台出现 持续不断出现 下面信息
[I] [proxy.go:82] [b86fda4103cacaf8] [ssh] get a new work connection: [y.y.y.y:60690] 信息 , y.y.y.y 是客户端出口防火墙地址
客户端日志（tail -f /var/log/auth.log） 持续不断出现 下面信息
sshd[10776]: Did not receive identification string from 127.0.0.1
只是 from 127.0.0.1 没有其他的
尝试只开放该客户端80端口，将ssh 注释掉，80端口的穿透连接正常，不会出现这样的冗余信息
尝试另外一台客户端CentOS 6.4 ，配置ssh穿透后，问题一样出现，日志文件在 tail -f /var/log/messages
尝试另外一台客户端（不同网络的），配置ssh穿透后，客户端日志一样会出现大量冗余，请测试一下配置ssh穿透后，客户端日志不是被大量: Did not receive identification string from 信息填充？ /var/log/messages 或 /var/log/auth.log

Describe the results you expected:

不应该出现这么多异常冗余信息

Additional information you deem important (e.g. issue happens only occasionally):

我的客户端是在内网，位于防火墙里面，是否客户端里ssh与服务端连接时一直与服务端进行交互导致？
该如何排查呢，是否与我的公网服务器有关？但是80 3389这些穿透都是没问题的？

Can you point out what caused this issue (optional)

这里个项目里面好像也遇到这个问题 https://github.com/AsydSolutions/ASYD/issues/112

but anyway now I'm sending out an identification string (so you will see now something like "sshd[pid]: Connection closed by [preauth]")

这篇文章里 Example 2 指出了ssh identification string
https://scottlinux.com/2012/03/07/troubleshooting-ssh-server-logs-and-error-messages/
还有这篇
https://blog.trippyboy.com/2012/centos/ssh-did-not-receive-identification-string-from-%e3%82%92%e8%a7%a3%e6%b1%ba%e3%81%99%e3%82%8b%e3%81%ae%e5%b7%bb/

Originally created by @emacle on GitHub (Apr 30, 2019). Original GitHub issue: https://github.com/fatedier/frp/issues/1226 Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly. (为了节约时间，提高处理问题的效率，不按照格式填写的 issue 将会直接关闭。) Use the commands below to provide key information from your environment: You do NOT have to include this information if this is a FEATURE REQUEST **What version of frp are you using (./frpc -v or ./frps -v)?** 0.27.0 **What operating system and processor architecture are you using (`go env`)?** 客户端 Ubuntu 16.04 LTS x86_64 服务端CentOS 6.9 x86_64 **Configures you used:** 客户端配置 ``` [common] server_addr = x.x.x.x server_port = 7005 token = test123 [ssh] type = tcp local_ip = 127.0.0.1 local_port = 22 remote_port = 7003 ``` 服务端（公网IP x.x.x.x）配置 ``` [common] bind_port = 7005 token = test123 ``` **Steps to reproduce the issue:** 1.启动服务端 ./frps -c frps.ini 2.启动客户端 ./frpc -c frpc.ini **Describe the results you received:** 1. **ssh 穿透配置后，穿透连接没有问题**，但是出现下面两个问题 2. 服务端控制台出现 **持续不断出现** 下面信息 [I] [proxy.go:82] [b86fda4103cacaf8] [ssh] get a new work connection: [y.y.y.y:60690] 信息 , **y.y.y.y 是客户端出口防火墙地址** 3. 客户端日志（tail -f /var/log/auth.log） **持续不断出现** 下面信息 **sshd[10776]: Did not receive identification string from 127.0.0.1** 只是 **from 127.0.0.1** 没有其他的 4. 尝试只开放该客户端80端口，将ssh 注释掉，**80端口的穿透连接正常，不会出现这样的冗余信息** 5. 尝试另外一台客户端CentOS 6.4 ，配置ssh穿透后，问题一样出现，日志文件在 tail -f /var/log/messages 6. 尝试另外一台客户端（不同网络的），配置ssh穿透后，客户端日志一样会出现大量冗余，请测试一下配置ssh穿透后，客户端日志不是被大量: Did not receive identification string from 信息填充？ /var/log/messages 或 /var/log/auth.log **Describe the results you expected:** 不应该出现这么多异常冗余信息 **Additional information you deem important (e.g. issue happens only occasionally):** 我的客户端是在内网，位于防火墙里面，是否客户端里ssh与服务端连接时一直与服务端进行交互导致？该如何排查呢，是否与我的公网服务器有关？但是80 3389这些穿透都是没问题的？ **Can you point out what caused this issue (optional)** 这里个项目里面好像也遇到这个问题 https://github.com/AsydSolutions/ASYD/issues/112 > but anyway now I'm sending out an identification string (so you will see now something like "sshd[pid]: Connection closed by [preauth]") 这篇文章里 Example 2 指出了ssh identification string https://scottlinux.com/2012/03/07/troubleshooting-ssh-server-logs-and-error-messages/ 还有这篇 https://blog.trippyboy.com/2012/centos/ssh-did-not-receive-identification-string-from-%e3%82%92%e8%a7%a3%e6%b1%ba%e3%81%99%e3%82%8b%e3%81%ae%e5%b7%bb/

gitea-mirror closed this issue

2026-05-05 12:37:06 -06:00

gitea-mirror commented

2026-05-05 12:37:08 -06:00

Author

Owner

@fatedier commented on GitHub (May 3, 2019):

get a new work connection 是 Info 级别的日志，如果不希望看到，修改日志级别为 warn 或 error 即可。

这些日志的产生取决于有多少请求在连接你的 ssh 服务，正常情况下只有你自己的连接应该只有少量日志，可以尝试更换端口，或者其他方法避免暴露在公网上的端口被扫到。

@fatedier commented on GitHub (May 3, 2019): `get a new work connection` 是 Info 级别的日志，如果不希望看到，修改日志级别为 warn 或 error 即可。这些日志的产生取决于有多少请求在连接你的 ssh 服务，正常情况下只有你自己的连接应该只有少量日志，可以尝试更换端口，或者其他方法避免暴露在公网上的端口被扫到。

gitea-mirror commented

2026-05-05 12:37:09 -06:00

Author

Owner

@emacle commented on GitHub (May 5, 2019):

多谢，应该是那天测试时端口刚好被扫描的问题，今天试了下完全没有问题。

@emacle commented on GitHub (May 5, 2019): 多谢，应该是那天测试时端口刚好被扫描的问题，今天试了下完全没有问题。