clash设置直连
域名后缀匹配,注意此方法可能随配置文件更新而变动,且中间仍经过代理只是直连
- DOMAIN-SUFFIX,baidu.com,DIRECT
clash设置绕过代理直连
Settings-Bypass Domain加入
- ‘*.baidu.com’
Github加速命令,7890是端口号
git config –global https.proxy http://127.0.0.1:7890
git config –global http.proxy ‘socks5://127.0.0.1:7890’
git config –global https.proxy ‘socks5://127.0.0.1:7890’
测试设置在全局-日本节点
SSH-R服务器远程转发7890端口
先在命令行使用任意ssh命令登录,在服务器设置 ssh
sudo vim /etc/ssh/sshd_config将以下内容设置成yes且取消注释
AllowTcpForwarding yes
GatewayPorts yes
PermitTunnel yes
PubkeyAuthentication yes转发需要使用ssh密钥连接,没有密钥生成一个,将本机的密钥同步到服务器并给予权限
生成密钥,重新在本机打开一个 PowerShell 或 git bash 中运行以下命令
ssh-keygen -t rsa -b 4096 -C "你的邮箱@地址"然后指定密钥保存位置,默认回车即可
然后可以指定一个密码短语,相当于平时 ssh -p 正常登录的密码
Enter passphrase (empty for no passphrase):回到之前命令行登录的服务器,重启 ssh 服务并将本机密钥添加到服务器上的 authorized_keys 文件中,允许你使用密钥登录远程服务器,而不需要每次都输入密码
service ssh restart
mkdir -p ~/.ssh
echo "C:\Users\AlexLee\.ssh\id_rsa.pub里面的内容" >> ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh然后可以尝试用命令行转发端口登录,32227是服务器端口,默认是22,如果登录成功则密钥配置正确
ssh -i C:\Users\AlexLee\.ssh\id_rsa -p 32227 -R 32227:localhost:7890 root@服务器IP(可选)建议使用vscode连接(PyCharm 自带的 SSH 功能主要用于连接远程主机并进行远程开发,但默认情况下,它并不直接支持 SSH 隧道,尤其是 ssh -R 这种反向端口转发),配置好远程连接后,在config里填写。IdentityFile是本机的密钥文件
# Read more about SSH config files: https://linux.die.net/man/5/ssh_config
Host A100-40
HostName 服务器IP
Port 32227
User root
IdentityFile C:/Users/AlexLee/.ssh/id_rsa
RemoteForward 32227 localhost:7890将本机的clash打开全局/rule和allow lan,在事先连接的服务器上设置延迟,并将http代理端口转发到服务器端口
vim ~/.bashrcexport GIT_HTTP_LOW_SPEED_LIMIT=1000
export GIT_HTTP_LOW_SPEED_TIME=600
export https_proxy=http://localhost:32227
export http_proxy=http://localhost:32227source ~/.bashrc保证端口号不被占用
lsof -i :32227测试
curl -v -I https://github.com出现成功
* Uses proxy env variable https_proxy == 'http://localhost:32227'
* Trying 127.0.0.1:32227...
* Connected to (nil) (127.0.0.1) port 32227 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to github.com:443
> CONNECT github.com:443 HTTP/1.1
> Host: github.com:443
> User-Agent: curl/7.81.0
> Proxy-Connection: Keep-Alive
...测试2
curl -v -I https://huggingface.co* Rebuilt URL to: https://huggingface.co/
* Trying 54.91.139.155...
* TCP_NODELAY set
* Connected to huggingface.co (54.91.139.155) port 443 (#0)
* found 149 certificates in /etc/ssl/certs/ca-certificates.crt
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: *.huggingface.co (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: CN=*.huggingface.co
* start date: Jan 15 00:00:00 2023 GMT
* expire date: Jan 15 23:59:59 2024 GMT
* issuer: C=US,O=Let's Encrypt,CN=R3
* ALPN, server accepted to use http/1.1
> HEAD / HTTP/1.1
> Host: huggingface.co
> User-Agent: curl/7.68.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Thu, 11 Jul 2024 08:56:24 GMT
< Content-Type: text/html; charset=utf-8
< Connection: keep-alive
< Vary: Accept-Encoding
< Vary: Cookie
< Content-Language: en
...代理可能会转向默认的,失效就再export
跳板机使用方法
这里本机是windows,跳板机是ubuntu,服务器是ubuntu。
首先在跳板机安装ssh服务
# 检查 SSH 服务是否安装
dpkg -l | grep openssh-server # 对于基于 Debian/Ubuntu 的系统
# Ubuntu安装ssh服务
sudo apt update
sudo apt install openssh-server
# 启动ssh服务
sudo systemctl start ssh
sudo systemctl enable ssh修改跳板机ssh配置
# 修改跳板机ssh配置,使得准许外机用ssh连接
sudo nano /etc/ssh/sshd_config
# 修改下面几个为yes
PasswordAuthentication yes
PermitRootLogin yes
PubkeyAuthentication yes
# 重新应用配置
sudo systemctl restart sshvscode修改跳板机连接服务器配置,点击vscode远程连接SSH右边的设置符号,我的在/home/alexlee/.ssh/config
Host A100-40
HostName 服务器IP
Port 服务器端口号
User root
IdentityFile ~/.ssh/id_rsavscode修改本机的连接服务器配置,这里我用了clash转发,也可以不使用
# windows本机
Host ubuntu2204
HostName 跳板机IP
User root
IdentityFile C:/Users/AlexLee/.ssh/id_rsa
Host A100-40
HostName 服务器IP
Port 服务器端口号
User root
IdentityFile ~/.ssh/id_rsa
ProxyJump ubuntu2204
RemoteForward 服务器端口号 localhost:7890最后vscode连接的时候先连跳板机,再连服务器
