利用SSH调试远程服务
学习地址:https://www.skillup.host/1/tools/debug-remote-api.md
利用的工具和服务:Fiddler(可选)、SSH
1.代理路径
请求接口-->网关-->SSH-->Fiddler-->到本地服务
2.操作步骤
2.1.网关配置(nginx)
defalut.conf 的http 节点
location /api/debug/sync/ {proxy_pass http://172.20.0.19:8888;}location /api/debug/sync/ {proxy_pass http://172.20.0.19:8888;}调试哪个接口定义哪个地址:location
2.2.准备SSH服务
services:alpine-sshd:container_name: sshrestart: alwaysports:- 2222:22- 8888:8888image: sickp/alpine-sshdnetworks:mynet:ipv4_address: 172.20.0.19
networks:mynet:external: true
services:alpine-sshd:container_name: sshrestart: alwaysports:- 2222:22- 8888:8888image: sickp/alpine-sshdnetworks:mynet:ipv4_address: 172.20.0.19
networks:mynet:external: true注意点:进入ssh容器内部修改,可以密码登录,可以端口转发
docker exec -it ssh bash
sed -i 's/^#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/^#AllowTcpForwarding.*/AllowTcpForwarding yes/' /etc/ssh/sshd_config
sed -i 's/^AllowTcpForwarding.*/AllowTcpForwarding yes/' /etc/ssh/sshd_config
docker exec -it ssh bash
sed -i 's/^#PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/^PermitRootLogin.*/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i 's/^#AllowTcpForwarding.*/AllowTcpForwarding yes/' /etc/ssh/sshd_config
sed -i 's/^AllowTcpForwarding.*/AllowTcpForwarding yes/' /etc/ssh/sshd_config用passwd命令修改一下密码,接下来端口隧道时候用
1.xshell通过2222连接,然后建立隧道
2.登录容器,设定转发到公共端口
docker exec -it ssh bash
ssh -g -Nf -L 8888:localhost:8887 localhostdocker exec -it ssh bash
ssh -g -Nf -L 8888:localhost:8887 localhost原理:
2.利用了网关的代理服务,proxy_pass
3.SSH的上下游转发功能
上游连接网关、下游连接本地XSHELL
注意点:
1.这里的networks要和网关一个网段,好让网关进行请求
2.开的2222端口,为了使本地连接到远程这个SSH服务
3.8888这个是调试接口API的端口,其实也可以是Fiddler端口
可以选择镜像,不污染宿主机SSH服务,用完之后关闭即可
推荐阅读
配置 docker0 网桥:https://www.skillup.host/1/docker/docker_practice/advanced_network/docker0.md
容器访问控制:https://www.skillup.host/1/docker/docker_practice/advanced_network/access_control.md
)
)
:从生成内容到智能革命)
