[{"data":1,"prerenderedAt":1259},["ShallowReactive",2],{"article-devops\u002Fssh":3},{"_path":4,"_dir":5,"_draft":6,"_partial":6,"_locale":7,"title":8,"description":9,"date":10,"tags":11,"body":14,"_type":1253,"_id":1254,"_source":1255,"_file":1256,"_stem":1257,"_extension":1258},"\u002Farticles\u002Fdevops\u002Fssh","devops",false,"","Mac在外网SSH绕过内网NAT的完整指北","无需公网 IP，通过 Tailscale 组建虚拟局域网，实现 Mac 远程 SSH 登录家里 Windows 主机的完整配置指南。","2026-05-07",[12,13],"软件工程","DevOps",{"type":15,"children":16,"toc":1224},"root",[17,25,40,53,62,67,92,97,108,113,136,141,173,177,183,188,195,214,220,225,241,247,299,304,309,323,328,393,399,413,426,429,435,440,445,472,477,512,525,531,536,550,555,569,574,598,601,607,612,632,637,651,656,661,680,693,696,708,720,761,766,785,798,801,807,812,818,844,849,874,880,893,911,923,937,942,962,965,970,1115,1118,1123,1128,1151,1154,1159,1171,1176,1181,1213,1218],{"type":18,"tag":19,"props":20,"children":22},"element","h2",{"id":21},"导致问题的原因",[23],{"type":24,"value":21},"text",{"type":18,"tag":26,"props":27,"children":28},"p",{},[29,31,38],{"type":24,"value":30},"我的需求是Mac在外网SSH连接家里Windows主机做训练和微调大模型，但现在路由器都自带 ",{"type":18,"tag":32,"props":33,"children":35},"code",{"className":34},[],[36],{"type":24,"value":37},"NAT",{"type":24,"value":39}," 功能，家里的电脑没有一个可以被外网直接访问的公网地址；学校或实验室网络也常常有额外限制，所以直接通过公网 IP 连接往往行不通。",{"type":18,"tag":26,"props":41,"children":42},{},[43,45,51],{"type":24,"value":44},"这篇文章记录一套我自己会长期使用的方案：",{"type":18,"tag":46,"props":47,"children":48},"strong",{},[49],{"type":24,"value":50},"用 Tailscale 把 Mac 和 Windows 组到同一个虚拟局域网里，再通过 SSH 远程登录 Windows 主机。",{"type":24,"value":52}," 这样不用折腾公网 IP、端口映射和 DDNS，配置成本低，稳定性也更适合个人使用。",{"type":18,"tag":26,"props":54,"children":55},{},[56],{"type":18,"tag":57,"props":58,"children":61},"img",{"alt":59,"src":60},"Mac 通过 Tailscale SSH 连接 Windows 的网络结构示意","\u002Fimg\u002Fssh-tail.png",[],{"type":18,"tag":19,"props":63,"children":65},{"id":64},"这篇文章适合谁",[66],{"type":24,"value":64},{"type":18,"tag":68,"props":69,"children":70},"ul",{},[71,77,82,87],{"type":18,"tag":72,"props":73,"children":74},"li",{},[75],{"type":24,"value":76},"家里有一台 Windows 台式机或工作站",{"type":18,"tag":72,"props":78,"children":79},{},[80],{"type":24,"value":81},"手头主要使用 MacBook",{"type":18,"tag":72,"props":83,"children":84},{},[85],{"type":24,"value":86},"需要在外面远程连接家里的机器",{"type":18,"tag":72,"props":88,"children":89},{},[90],{"type":24,"value":91},"不想折腾公网 IP、路由器端口转发和 DDNS",{"type":18,"tag":19,"props":93,"children":95},{"id":94},"方案原理",[96],{"type":24,"value":94},{"type":18,"tag":26,"props":98,"children":99},{},[100,106],{"type":18,"tag":32,"props":101,"children":103},{"className":102},[],[104],{"type":24,"value":105},"Tailscale",{"type":24,"value":107}," 可以把多台设备拉进同一个加密的虚拟网络中。只要 Mac 和 Windows 登录到同一个账号，它们就像处在同一个局域网里，可以直接通过 Tailscale 分配的地址互相访问。",{"type":18,"tag":26,"props":109,"children":110},{},[111],{"type":24,"value":112},"这套方案的核心优点是：",{"type":18,"tag":68,"props":114,"children":115},{},[116,121,126,131],{"type":18,"tag":72,"props":117,"children":118},{},[119],{"type":24,"value":120},"不需要公网 IP",{"type":18,"tag":72,"props":122,"children":123},{},[124],{"type":24,"value":125},"不需要在路由器上开放 22 端口",{"type":18,"tag":72,"props":127,"children":128},{},[129],{"type":24,"value":130},"自带加密传输，安全性比裸露公网端口更高",{"type":18,"tag":72,"props":132,"children":133},{},[134],{"type":24,"value":135},"对复杂网络环境更友好，适合家里和实验室这种跨网络场景",{"type":18,"tag":19,"props":137,"children":139},{"id":138},"整体流程",[140],{"type":24,"value":138},{"type":18,"tag":142,"props":143,"children":144},"ol",{},[145,156,168],{"type":18,"tag":72,"props":146,"children":147},{},[148,150],{"type":24,"value":149},"在 Windows 上安装并启用 ",{"type":18,"tag":32,"props":151,"children":153},{"className":152},[],[154],{"type":24,"value":155},"OpenSSH Server",{"type":18,"tag":72,"props":157,"children":158},{},[159,161,166],{"type":24,"value":160},"在 Mac 和 Windows 上安装 ",{"type":18,"tag":32,"props":162,"children":164},{"className":163},[],[165],{"type":24,"value":105},{"type":24,"value":167},"，并登录同一个账号",{"type":18,"tag":72,"props":169,"children":170},{},[171],{"type":24,"value":172},"在 Mac 上通过 Tailscale 地址发起 SSH 连接",{"type":18,"tag":174,"props":175,"children":176},"hr",{},[],{"type":18,"tag":19,"props":178,"children":180},{"id":179},"第一步在-windows-上启用-ssh-服务",[181],{"type":24,"value":182},"第一步：在 Windows 上启用 SSH 服务",{"type":18,"tag":26,"props":184,"children":185},{},[186],{"type":24,"value":187},"Windows 11 已经内置了 OpenSSH 组件，但很多机器默认只装了客户端，没有启用服务端。",{"type":18,"tag":189,"props":190,"children":192},"h3",{"id":191},"方法一图形界面安装",[193],{"type":24,"value":194},"方法一：图形界面安装",{"type":18,"tag":196,"props":197,"children":200},"pre",{"className":198,"code":199,"language":24,"meta":7,"style":7},"language-text shiki shiki-themes github-dark","设置 -> 系统 -> 可选功能 -> 添加功能 -> 搜索 \"OpenSSH Server\" -> 安装\n",[201],{"type":18,"tag":32,"props":202,"children":203},{"__ignoreMap":7},[204],{"type":18,"tag":205,"props":206,"children":209},"span",{"class":207,"line":208},"line",1,[210],{"type":18,"tag":205,"props":211,"children":212},{},[213],{"type":24,"value":199},{"type":18,"tag":189,"props":215,"children":217},{"id":216},"方法二powershell-安装",[218],{"type":24,"value":219},"方法二：PowerShell 安装",{"type":18,"tag":26,"props":221,"children":222},{},[223],{"type":24,"value":224},"以管理员身份打开 PowerShell，执行：",{"type":18,"tag":196,"props":226,"children":230},{"className":227,"code":228,"language":229,"meta":7,"style":7},"language-powershell shiki shiki-themes github-dark","Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0\n","powershell",[231],{"type":18,"tag":32,"props":232,"children":233},{"__ignoreMap":7},[234],{"type":18,"tag":205,"props":235,"children":236},{"class":207,"line":208},[237],{"type":18,"tag":205,"props":238,"children":239},{},[240],{"type":24,"value":228},{"type":18,"tag":189,"props":242,"children":244},{"id":243},"启动-sshd-并设置为开机自启",[245],{"type":24,"value":246},"启动 sshd 并设置为开机自启",{"type":18,"tag":196,"props":248,"children":250},{"className":227,"code":249,"language":229,"meta":7,"style":7},"# 启动 SSH 服务\nStart-Service sshd\n\n# 设置为开机自动启动\nSet-Service -Name sshd -StartupType Automatic\n",[251],{"type":18,"tag":32,"props":252,"children":253},{"__ignoreMap":7},[254,262,271,281,290],{"type":18,"tag":205,"props":255,"children":256},{"class":207,"line":208},[257],{"type":18,"tag":205,"props":258,"children":259},{},[260],{"type":24,"value":261},"# 启动 SSH 服务\n",{"type":18,"tag":205,"props":263,"children":265},{"class":207,"line":264},2,[266],{"type":18,"tag":205,"props":267,"children":268},{},[269],{"type":24,"value":270},"Start-Service sshd\n",{"type":18,"tag":205,"props":272,"children":274},{"class":207,"line":273},3,[275],{"type":18,"tag":205,"props":276,"children":278},{"emptyLinePlaceholder":277},true,[279],{"type":24,"value":280},"\n",{"type":18,"tag":205,"props":282,"children":284},{"class":207,"line":283},4,[285],{"type":18,"tag":205,"props":286,"children":287},{},[288],{"type":24,"value":289},"# 设置为开机自动启动\n",{"type":18,"tag":205,"props":291,"children":293},{"class":207,"line":292},5,[294],{"type":18,"tag":205,"props":295,"children":296},{},[297],{"type":24,"value":298},"Set-Service -Name sshd -StartupType Automatic\n",{"type":18,"tag":189,"props":300,"children":302},{"id":301},"检查防火墙规则",[303],{"type":24,"value":301},{"type":18,"tag":26,"props":305,"children":306},{},[307],{"type":24,"value":308},"通常安装 OpenSSH Server 后，Windows 会自动创建防火墙规则。可以先检查：",{"type":18,"tag":196,"props":310,"children":312},{"className":227,"code":311,"language":229,"meta":7,"style":7},"Get-NetFirewallRule -Name \"OpenSSH-Server-In-TCP\"\n",[313],{"type":18,"tag":32,"props":314,"children":315},{"__ignoreMap":7},[316],{"type":18,"tag":205,"props":317,"children":318},{"class":207,"line":208},[319],{"type":18,"tag":205,"props":320,"children":321},{},[322],{"type":24,"value":311},{"type":18,"tag":26,"props":324,"children":325},{},[326],{"type":24,"value":327},"如果没有这条规则，再手动创建：",{"type":18,"tag":196,"props":329,"children":331},{"className":227,"code":330,"language":229,"meta":7,"style":7},"New-NetFirewallRule -Name \"OpenSSH-Server-In-TCP\" `\n  -DisplayName \"OpenSSH Server (sshd)\" `\n  -Enabled True `\n  -Direction Inbound `\n  -Protocol TCP `\n  -Action Allow `\n  -LocalPort 22\n",[332],{"type":18,"tag":32,"props":333,"children":334},{"__ignoreMap":7},[335,343,351,359,367,375,384],{"type":18,"tag":205,"props":336,"children":337},{"class":207,"line":208},[338],{"type":18,"tag":205,"props":339,"children":340},{},[341],{"type":24,"value":342},"New-NetFirewallRule -Name \"OpenSSH-Server-In-TCP\" `\n",{"type":18,"tag":205,"props":344,"children":345},{"class":207,"line":264},[346],{"type":18,"tag":205,"props":347,"children":348},{},[349],{"type":24,"value":350},"  -DisplayName \"OpenSSH Server (sshd)\" `\n",{"type":18,"tag":205,"props":352,"children":353},{"class":207,"line":273},[354],{"type":18,"tag":205,"props":355,"children":356},{},[357],{"type":24,"value":358},"  -Enabled True `\n",{"type":18,"tag":205,"props":360,"children":361},{"class":207,"line":283},[362],{"type":18,"tag":205,"props":363,"children":364},{},[365],{"type":24,"value":366},"  -Direction Inbound `\n",{"type":18,"tag":205,"props":368,"children":369},{"class":207,"line":292},[370],{"type":18,"tag":205,"props":371,"children":372},{},[373],{"type":24,"value":374},"  -Protocol TCP `\n",{"type":18,"tag":205,"props":376,"children":378},{"class":207,"line":377},6,[379],{"type":18,"tag":205,"props":380,"children":381},{},[382],{"type":24,"value":383},"  -Action Allow `\n",{"type":18,"tag":205,"props":385,"children":387},{"class":207,"line":386},7,[388],{"type":18,"tag":205,"props":389,"children":390},{},[391],{"type":24,"value":392},"  -LocalPort 22\n",{"type":18,"tag":189,"props":394,"children":396},{"id":395},"验证-ssh-服务是否正常",[397],{"type":24,"value":398},"验证 SSH 服务是否正常",{"type":18,"tag":196,"props":400,"children":402},{"className":227,"code":401,"language":229,"meta":7,"style":7},"Get-Service sshd\n",[403],{"type":18,"tag":32,"props":404,"children":405},{"__ignoreMap":7},[406],{"type":18,"tag":205,"props":407,"children":408},{"class":207,"line":208},[409],{"type":18,"tag":205,"props":410,"children":411},{},[412],{"type":24,"value":401},{"type":18,"tag":26,"props":414,"children":415},{},[416,418,424],{"type":24,"value":417},"如果状态显示为 ",{"type":18,"tag":32,"props":419,"children":421},{"className":420},[],[422],{"type":24,"value":423},"Running",{"type":24,"value":425},"，说明 SSH 服务已经起来了。",{"type":18,"tag":174,"props":427,"children":428},{},[],{"type":18,"tag":19,"props":430,"children":432},{"id":431},"第二步在两台设备上安装并登录-tailscale",[433],{"type":24,"value":434},"第二步：在两台设备上安装并登录 Tailscale",{"type":18,"tag":26,"props":436,"children":437},{},[438],{"type":24,"value":439},"Mac 和 Windows 两端都需要安装 Tailscale，并登录同一个账号。",{"type":18,"tag":189,"props":441,"children":443},{"id":442},"安装方式",[444],{"type":24,"value":442},{"type":18,"tag":142,"props":446,"children":447},{},[448,462,467],{"type":18,"tag":72,"props":449,"children":450},{},[451,453],{"type":24,"value":452},"打开 ",{"type":18,"tag":454,"props":455,"children":459},"a",{"href":456,"rel":457},"https:\u002F\u002Ftailscale.com\u002Fdownloads",[458],"nofollow",[460],{"type":24,"value":461},"Tailscale 下载页",{"type":18,"tag":72,"props":463,"children":464},{},[465],{"type":24,"value":466},"根据平台下载安装包",{"type":18,"tag":72,"props":468,"children":469},{},[470],{"type":24,"value":471},"安装完成后登录同一个账号",{"type":18,"tag":26,"props":473,"children":474},{},[475],{"type":24,"value":476},"常见平台选择：",{"type":18,"tag":68,"props":478,"children":479},{},[480,499],{"type":18,"tag":72,"props":481,"children":482},{},[483,485,491,493],{"type":24,"value":484},"Mac：",{"type":18,"tag":32,"props":486,"children":488},{"className":487},[],[489],{"type":24,"value":490},"App Store",{"type":24,"value":492}," 或官方 ",{"type":18,"tag":32,"props":494,"children":496},{"className":495},[],[497],{"type":24,"value":498},"dmg",{"type":18,"tag":72,"props":500,"children":501},{},[502,504,510],{"type":24,"value":503},"Windows：官方 ",{"type":18,"tag":32,"props":505,"children":507},{"className":506},[],[508],{"type":24,"value":509},"exe",{"type":24,"value":511}," 安装包",{"type":18,"tag":26,"props":513,"children":514},{},[515,517,523],{"type":24,"value":516},"登录完成后，两台设备就会出现在同一个 ",{"type":18,"tag":32,"props":518,"children":520},{"className":519},[],[521],{"type":24,"value":522},"Tailnet",{"type":24,"value":524}," 里。",{"type":18,"tag":189,"props":526,"children":528},{"id":527},"查看-windows-的-tailscale-地址",[529],{"type":24,"value":530},"查看 Windows 的 Tailscale 地址",{"type":18,"tag":26,"props":532,"children":533},{},[534],{"type":24,"value":535},"在 Windows PowerShell 中执行：",{"type":18,"tag":196,"props":537,"children":539},{"className":227,"code":538,"language":229,"meta":7,"style":7},"tailscale ip -4\n",[540],{"type":18,"tag":32,"props":541,"children":542},{"__ignoreMap":7},[543],{"type":18,"tag":205,"props":544,"children":545},{"class":207,"line":208},[546],{"type":18,"tag":205,"props":547,"children":548},{},[549],{"type":24,"value":538},{"type":18,"tag":26,"props":551,"children":552},{},[553],{"type":24,"value":554},"你会看到一个类似下面的地址：",{"type":18,"tag":196,"props":556,"children":558},{"className":198,"code":557,"language":24,"meta":7,"style":7},"100.xx.xx.xx\n",[559],{"type":18,"tag":32,"props":560,"children":561},{"__ignoreMap":7},[562],{"type":18,"tag":205,"props":563,"children":564},{"class":207,"line":208},[565],{"type":18,"tag":205,"props":566,"children":567},{},[568],{"type":24,"value":557},{"type":18,"tag":26,"props":570,"children":571},{},[572],{"type":24,"value":573},"也可以在 Mac 上查看当前 Tailnet 里的设备状态：",{"type":18,"tag":196,"props":575,"children":579},{"className":576,"code":577,"language":578,"meta":7,"style":7},"language-bash shiki shiki-themes github-dark","tailscale status\n","bash",[580],{"type":18,"tag":32,"props":581,"children":582},{"__ignoreMap":7},[583],{"type":18,"tag":205,"props":584,"children":585},{"class":207,"line":208},[586,592],{"type":18,"tag":205,"props":587,"children":589},{"style":588},"--shiki-default:#B392F0",[590],{"type":24,"value":591},"tailscale",{"type":18,"tag":205,"props":593,"children":595},{"style":594},"--shiki-default:#9ECBFF",[596],{"type":24,"value":597}," status\n",{"type":18,"tag":174,"props":599,"children":600},{},[],{"type":18,"tag":19,"props":602,"children":604},{"id":603},"第三步从-mac-发起-ssh-连接",[605],{"type":24,"value":606},"第三步：从 Mac 发起 SSH 连接",{"type":18,"tag":26,"props":608,"children":609},{},[610],{"type":24,"value":611},"拿到 Windows 主机的 Tailscale 地址之后，就可以直接在 Mac 终端连接：",{"type":18,"tag":196,"props":613,"children":615},{"className":576,"code":614,"language":578,"meta":7,"style":7},"ssh 你的Windows用户名@100.xx.xx.xx\n",[616],{"type":18,"tag":32,"props":617,"children":618},{"__ignoreMap":7},[619],{"type":18,"tag":205,"props":620,"children":621},{"class":207,"line":208},[622,627],{"type":18,"tag":205,"props":623,"children":624},{"style":588},[625],{"type":24,"value":626},"ssh",{"type":18,"tag":205,"props":628,"children":629},{"style":594},[630],{"type":24,"value":631}," 你的Windows用户名@100.xx.xx.xx\n",{"type":18,"tag":26,"props":633,"children":634},{},[635],{"type":24,"value":636},"如果你不确定 Windows 的用户名，可以先在 Windows 终端执行：",{"type":18,"tag":196,"props":638,"children":640},{"className":227,"code":639,"language":229,"meta":7,"style":7},"whoami\n",[641],{"type":18,"tag":32,"props":642,"children":643},{"__ignoreMap":7},[644],{"type":18,"tag":205,"props":645,"children":646},{"class":207,"line":208},[647],{"type":18,"tag":205,"props":648,"children":649},{},[650],{"type":24,"value":639},{"type":18,"tag":26,"props":652,"children":653},{},[654],{"type":24,"value":655},"然后使用返回结果中的用户名部分进行连接。",{"type":18,"tag":189,"props":657,"children":659},{"id":658},"一个连接示例",[660],{"type":24,"value":658},{"type":18,"tag":196,"props":662,"children":664},{"className":576,"code":663,"language":578,"meta":7,"style":7},"ssh wangkun@100.xx.xx.xx\n",[665],{"type":18,"tag":32,"props":666,"children":667},{"__ignoreMap":7},[668],{"type":18,"tag":205,"props":669,"children":670},{"class":207,"line":208},[671,675],{"type":18,"tag":205,"props":672,"children":673},{"style":588},[674],{"type":24,"value":626},{"type":18,"tag":205,"props":676,"children":677},{"style":594},[678],{"type":24,"value":679}," wangkun@100.xx.xx.xx\n",{"type":18,"tag":26,"props":681,"children":682},{},[683,685,691],{"type":24,"value":684},"第一次连接时，终端会提示你确认主机指纹，输入 ",{"type":18,"tag":32,"props":686,"children":688},{"className":687},[],[689],{"type":24,"value":690},"yes",{"type":24,"value":692}," 即可。",{"type":18,"tag":174,"props":694,"children":695},{},[],{"type":18,"tag":19,"props":697,"children":699},{"id":698},"可选优化配置-sshconfig",[700,702],{"type":24,"value":701},"可选优化：配置 ",{"type":18,"tag":32,"props":703,"children":705},{"className":704},[],[706],{"type":24,"value":707},"~\u002F.ssh\u002Fconfig",{"type":18,"tag":26,"props":709,"children":710},{},[711,713,718],{"type":24,"value":712},"如果你不想每次都手动输入完整 IP，可以在 Mac 上编辑 ",{"type":18,"tag":32,"props":714,"children":716},{"className":715},[],[717],{"type":24,"value":707},{"type":24,"value":719},"：",{"type":18,"tag":196,"props":721,"children":725},{"className":722,"code":723,"language":724,"meta":7,"style":7},"language-sshconfig shiki shiki-themes github-dark","Host home-gpu\n    HostName 100.xx.xx.xx\n    User 你的Windows用户名\n    Port 22\n","sshconfig",[726],{"type":18,"tag":32,"props":727,"children":728},{"__ignoreMap":7},[729,737,745,753],{"type":18,"tag":205,"props":730,"children":731},{"class":207,"line":208},[732],{"type":18,"tag":205,"props":733,"children":734},{},[735],{"type":24,"value":736},"Host home-gpu\n",{"type":18,"tag":205,"props":738,"children":739},{"class":207,"line":264},[740],{"type":18,"tag":205,"props":741,"children":742},{},[743],{"type":24,"value":744},"    HostName 100.xx.xx.xx\n",{"type":18,"tag":205,"props":746,"children":747},{"class":207,"line":273},[748],{"type":18,"tag":205,"props":749,"children":750},{},[751],{"type":24,"value":752},"    User 你的Windows用户名\n",{"type":18,"tag":205,"props":754,"children":755},{"class":207,"line":283},[756],{"type":18,"tag":205,"props":757,"children":758},{},[759],{"type":24,"value":760},"    Port 22\n",{"type":18,"tag":26,"props":762,"children":763},{},[764],{"type":24,"value":765},"保存后，以后只需要输入：",{"type":18,"tag":196,"props":767,"children":769},{"className":576,"code":768,"language":578,"meta":7,"style":7},"ssh home-gpu\n",[770],{"type":18,"tag":32,"props":771,"children":772},{"__ignoreMap":7},[773],{"type":18,"tag":205,"props":774,"children":775},{"class":207,"line":208},[776,780],{"type":18,"tag":205,"props":777,"children":778},{"style":588},[779],{"type":24,"value":626},{"type":18,"tag":205,"props":781,"children":782},{"style":594},[783],{"type":24,"value":784}," home-gpu\n",{"type":18,"tag":26,"props":786,"children":787},{},[788,790,796],{"type":24,"value":789},"如果你的 Tailscale 网络里设备名比较稳定，也可以把 ",{"type":18,"tag":32,"props":791,"children":793},{"className":792},[],[794],{"type":24,"value":795},"HostName",{"type":24,"value":797}," 换成设备名。",{"type":18,"tag":174,"props":799,"children":800},{},[],{"type":18,"tag":19,"props":802,"children":804},{"id":803},"可选优化配置-ssh-密钥免密登录",[805],{"type":24,"value":806},"可选优化：配置 SSH 密钥免密登录",{"type":18,"tag":26,"props":808,"children":809},{},[810],{"type":24,"value":811},"如果你经常要连接这台机器，推荐配置 SSH 密钥登录，省去重复输入密码，也更安全。",{"type":18,"tag":189,"props":813,"children":815},{"id":814},"在-mac-上生成密钥",[816],{"type":24,"value":817},"在 Mac 上生成密钥",{"type":18,"tag":196,"props":819,"children":821},{"className":576,"code":820,"language":578,"meta":7,"style":7},"ssh-keygen -t ed25519\n",[822],{"type":18,"tag":32,"props":823,"children":824},{"__ignoreMap":7},[825],{"type":18,"tag":205,"props":826,"children":827},{"class":207,"line":208},[828,833,839],{"type":18,"tag":205,"props":829,"children":830},{"style":588},[831],{"type":24,"value":832},"ssh-keygen",{"type":18,"tag":205,"props":834,"children":836},{"style":835},"--shiki-default:#79B8FF",[837],{"type":24,"value":838}," -t",{"type":18,"tag":205,"props":840,"children":841},{"style":594},[842],{"type":24,"value":843}," ed25519\n",{"type":18,"tag":26,"props":845,"children":846},{},[847],{"type":24,"value":848},"一路回车即可，默认会生成：",{"type":18,"tag":68,"props":850,"children":851},{},[852,863],{"type":18,"tag":72,"props":853,"children":854},{},[855,857],{"type":24,"value":856},"私钥：",{"type":18,"tag":32,"props":858,"children":860},{"className":859},[],[861],{"type":24,"value":862},"~\u002F.ssh\u002Fid_ed25519",{"type":18,"tag":72,"props":864,"children":865},{},[866,868],{"type":24,"value":867},"公钥：",{"type":18,"tag":32,"props":869,"children":871},{"className":870},[],[872],{"type":24,"value":873},"~\u002F.ssh\u002Fid_ed25519.pub",{"type":18,"tag":189,"props":875,"children":877},{"id":876},"将公钥写入-windows",[878],{"type":24,"value":879},"将公钥写入 Windows",{"type":18,"tag":26,"props":881,"children":882},{},[883,885,891],{"type":24,"value":884},"如果你的系统装了 ",{"type":18,"tag":32,"props":886,"children":888},{"className":887},[],[889],{"type":24,"value":890},"ssh-copy-id",{"type":24,"value":892},"，可以直接执行：",{"type":18,"tag":196,"props":894,"children":896},{"className":576,"code":895,"language":578,"meta":7,"style":7},"ssh-copy-id 你的Windows用户名@100.xx.xx.xx\n",[897],{"type":18,"tag":32,"props":898,"children":899},{"__ignoreMap":7},[900],{"type":18,"tag":205,"props":901,"children":902},{"class":207,"line":208},[903,907],{"type":18,"tag":205,"props":904,"children":905},{"style":588},[906],{"type":24,"value":890},{"type":18,"tag":205,"props":908,"children":909},{"style":594},[910],{"type":24,"value":631},{"type":18,"tag":26,"props":912,"children":913},{},[914,916,921],{"type":24,"value":915},"如果没有 ",{"type":18,"tag":32,"props":917,"children":919},{"className":918},[],[920],{"type":24,"value":890},{"type":24,"value":922},"，就把公钥内容手动追加到 Windows 的这个文件中：",{"type":18,"tag":196,"props":924,"children":926},{"className":198,"code":925,"language":24,"meta":7,"style":7},"C:\\Users\\你的用户名\\.ssh\\authorized_keys\n",[927],{"type":18,"tag":32,"props":928,"children":929},{"__ignoreMap":7},[930],{"type":18,"tag":205,"props":931,"children":932},{"class":207,"line":208},[933],{"type":18,"tag":205,"props":934,"children":935},{},[936],{"type":24,"value":925},{"type":18,"tag":26,"props":938,"children":939},{},[940],{"type":24,"value":941},"公钥内容可以用下面这条命令查看：",{"type":18,"tag":196,"props":943,"children":945},{"className":576,"code":944,"language":578,"meta":7,"style":7},"cat ~\u002F.ssh\u002Fid_ed25519.pub\n",[946],{"type":18,"tag":32,"props":947,"children":948},{"__ignoreMap":7},[949],{"type":18,"tag":205,"props":950,"children":951},{"class":207,"line":208},[952,957],{"type":18,"tag":205,"props":953,"children":954},{"style":588},[955],{"type":24,"value":956},"cat",{"type":18,"tag":205,"props":958,"children":959},{"style":594},[960],{"type":24,"value":961}," ~\u002F.ssh\u002Fid_ed25519.pub\n",{"type":18,"tag":174,"props":963,"children":964},{},[],{"type":18,"tag":19,"props":966,"children":968},{"id":967},"常见问题排查",[969],{"type":24,"value":967},{"type":18,"tag":971,"props":972,"children":973},"table",{},[974,998],{"type":18,"tag":975,"props":976,"children":977},"thead",{},[978],{"type":18,"tag":979,"props":980,"children":981},"tr",{},[982,988,993],{"type":18,"tag":983,"props":984,"children":985},"th",{},[986],{"type":24,"value":987},"现象",{"type":18,"tag":983,"props":989,"children":990},{},[991],{"type":24,"value":992},"常见原因",{"type":18,"tag":983,"props":994,"children":995},{},[996],{"type":24,"value":997},"处理方式",{"type":18,"tag":999,"props":1000,"children":1001},"tbody",{},[1002,1039,1061,1097],{"type":18,"tag":979,"props":1003,"children":1004},{},[1005,1015,1026],{"type":18,"tag":1006,"props":1007,"children":1008},"td",{},[1009],{"type":18,"tag":32,"props":1010,"children":1012},{"className":1011},[],[1013],{"type":24,"value":1014},"Connection refused",{"type":18,"tag":1006,"props":1016,"children":1017},{},[1018,1024],{"type":18,"tag":32,"props":1019,"children":1021},{"className":1020},[],[1022],{"type":24,"value":1023},"sshd",{"type":24,"value":1025}," 没启动，或者防火墙规则不存在",{"type":18,"tag":1006,"props":1027,"children":1028},{},[1029,1031,1037],{"type":24,"value":1030},"检查 ",{"type":18,"tag":32,"props":1032,"children":1034},{"className":1033},[],[1035],{"type":24,"value":1036},"Get-Service sshd",{"type":24,"value":1038}," 和防火墙规则",{"type":18,"tag":979,"props":1040,"children":1041},{},[1042,1051,1056],{"type":18,"tag":1006,"props":1043,"children":1044},{},[1045],{"type":18,"tag":32,"props":1046,"children":1048},{"className":1047},[],[1049],{"type":24,"value":1050},"Connection timed out",{"type":18,"tag":1006,"props":1052,"children":1053},{},[1054],{"type":24,"value":1055},"Tailscale 没连上，或 Windows 处于休眠状态",{"type":18,"tag":1006,"props":1057,"children":1058},{},[1059],{"type":24,"value":1060},"确认两台设备在线，并检查电源设置",{"type":18,"tag":979,"props":1062,"children":1063},{},[1064,1073,1078],{"type":18,"tag":1006,"props":1065,"children":1066},{},[1067],{"type":18,"tag":32,"props":1068,"children":1070},{"className":1069},[],[1071],{"type":24,"value":1072},"Permission denied",{"type":18,"tag":1006,"props":1074,"children":1075},{},[1076],{"type":24,"value":1077},"用户名不对、密码不对，或密钥未正确写入",{"type":18,"tag":1006,"props":1079,"children":1080},{},[1081,1083,1089,1091],{"type":24,"value":1082},"先用 ",{"type":18,"tag":32,"props":1084,"children":1086},{"className":1085},[],[1087],{"type":24,"value":1088},"whoami",{"type":24,"value":1090}," 确认用户名，再检查 ",{"type":18,"tag":32,"props":1092,"children":1094},{"className":1093},[],[1095],{"type":24,"value":1096},"authorized_keys",{"type":18,"tag":979,"props":1098,"children":1099},{},[1100,1105,1110],{"type":18,"tag":1006,"props":1101,"children":1102},{},[1103],{"type":24,"value":1104},"看得到 Tailscale 设备但连不上 SSH",{"type":18,"tag":1006,"props":1106,"children":1107},{},[1108],{"type":24,"value":1109},"Tailscale 正常，SSH 服务本身没配好",{"type":18,"tag":1006,"props":1111,"children":1112},{},[1113],{"type":24,"value":1114},"回到第一步检查 OpenSSH Server 是否安装完成",{"type":18,"tag":174,"props":1116,"children":1117},{},[],{"type":18,"tag":19,"props":1119,"children":1121},{"id":1120},"安全建议",[1122],{"type":24,"value":1120},{"type":18,"tag":26,"props":1124,"children":1125},{},[1126],{"type":24,"value":1127},"这套方案已经比“直接把家里 22 端口暴露到公网”安全很多，但如果要长期使用，还是建议再做几件事：",{"type":18,"tag":68,"props":1129,"children":1130},{},[1131,1136,1141,1146],{"type":18,"tag":72,"props":1132,"children":1133},{},[1134],{"type":24,"value":1135},"优先使用 SSH 密钥登录，而不是只靠密码",{"type":18,"tag":72,"props":1137,"children":1138},{},[1139],{"type":24,"value":1140},"不要在路由器上额外做 22 端口映射",{"type":18,"tag":72,"props":1142,"children":1143},{},[1144],{"type":24,"value":1145},"给 Windows 账户设置强密码",{"type":18,"tag":72,"props":1147,"children":1148},{},[1149],{"type":24,"value":1150},"如果机器需要长期远程访问，检查是否会自动休眠",{"type":18,"tag":174,"props":1152,"children":1153},{},[],{"type":18,"tag":19,"props":1155,"children":1157},{"id":1156},"总结",[1158],{"type":24,"value":1156},{"type":18,"tag":26,"props":1160,"children":1161},{},[1162,1164,1169],{"type":24,"value":1163},"如果你的目标只是“在外面稳定地连回家里的 Windows 主机”，那么 ",{"type":18,"tag":46,"props":1165,"children":1166},{},[1167],{"type":24,"value":1168},"OpenSSH Server + Tailscale",{"type":24,"value":1170}," 是一套非常省心的方案。",{"type":18,"tag":26,"props":1172,"children":1173},{},[1174],{"type":24,"value":1175},"它的优势不在于炫技，而在于简单、实用、可长期维护：不用研究公网 IP，不用折腾路由器，也不用担心一堆家庭网络环境带来的坑。对于需要远程跑模型、传文件、执行命令的人来说，这基本已经够用了。",{"type":18,"tag":26,"props":1177,"children":1178},{},[1179],{"type":24,"value":1180},"如果后面你还想继续完善这套远程方案，可以再往下加：",{"type":18,"tag":68,"props":1182,"children":1183},{},[1184,1203,1208],{"type":18,"tag":72,"props":1185,"children":1186},{},[1187,1193,1195,1201],{"type":18,"tag":32,"props":1188,"children":1190},{"className":1189},[],[1191],{"type":24,"value":1192},"scp",{"type":24,"value":1194}," 或 ",{"type":18,"tag":32,"props":1196,"children":1198},{"className":1197},[],[1199],{"type":24,"value":1200},"rsync",{"type":24,"value":1202}," 传文件",{"type":18,"tag":72,"props":1204,"children":1205},{},[1206],{"type":24,"value":1207},"VS Code Remote SSH 远程开发",{"type":18,"tag":72,"props":1209,"children":1210},{},[1211],{"type":24,"value":1212},"Jupyter \u002F WebUI 通过 Tailscale 内网访问",{"type":18,"tag":26,"props":1214,"children":1215},{},[1216],{"type":24,"value":1217},"这样你的家用 GPU 主机，基本就能变成一台随时可用的私人算力节点。",{"type":18,"tag":1219,"props":1220,"children":1221},"style",{},[1222],{"type":24,"value":1223},"html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}",{"title":7,"searchDepth":264,"depth":264,"links":1225},[1226,1227,1228,1229,1230,1237,1241,1244,1246,1250,1251,1252],{"id":21,"depth":264,"text":21},{"id":64,"depth":264,"text":64},{"id":94,"depth":264,"text":94},{"id":138,"depth":264,"text":138},{"id":179,"depth":264,"text":182,"children":1231},[1232,1233,1234,1235,1236],{"id":191,"depth":273,"text":194},{"id":216,"depth":273,"text":219},{"id":243,"depth":273,"text":246},{"id":301,"depth":273,"text":301},{"id":395,"depth":273,"text":398},{"id":431,"depth":264,"text":434,"children":1238},[1239,1240],{"id":442,"depth":273,"text":442},{"id":527,"depth":273,"text":530},{"id":603,"depth":264,"text":606,"children":1242},[1243],{"id":658,"depth":273,"text":658},{"id":698,"depth":264,"text":1245},"可选优化：配置 ~\u002F.ssh\u002Fconfig",{"id":803,"depth":264,"text":806,"children":1247},[1248,1249],{"id":814,"depth":273,"text":817},{"id":876,"depth":273,"text":879},{"id":967,"depth":264,"text":967},{"id":1120,"depth":264,"text":1120},{"id":1156,"depth":264,"text":1156},"markdown","content:articles:devops:SSH连接.md","content","articles\u002Fdevops\u002FSSH连接.md","articles\u002Fdevops\u002FSSH连接","md",1779811687796]