SSH Problem RHEL -> AIX Connection closed by remote host
Hello,
I have a problem connectin via ssh from rhel5.4 server to aix5.3 server. I searched and found a lot of people with familiar problem but not quite like mine. I have a central red hat server, from which I'm accessing all my AIX\LINUX servers (ssh connection). It been like this since a year ago. Now, for couple of days I can't establish ssh connection from my red hat server to 2-3 AIX servers, and meanwhile I'm accessing via telnet. the error I recieve is: Code:
root@RHEL_server:~ > ssh AIX_server I tried to restart the sshd on the AIX servers, and checking for maxconnection config in sshd_conf (it was commented in # ). There is a way to solve this problem? It would be nice if i won't need to re-generat the ssh key, because if it will cange, i will need to change the autorized_keys files on all of my AIX\LINUX servers. Thank you! |
Try "ssh -vv AIX_server"
That will provide debug information. Also check the permissions of your ~/.ssh/ directory, the permissions of the private key and the permissions of your home directory. Also these permissions on the AIX_server. Lax permissions can cause ssh to not allow a connection. Another problem could be if your IP address doesn't match a DNS lookup. I had a similar problem because I used "user@host" instead of "user@host.domain" in AllowUsers on the servers configuration. The difference from before was the order of the two forms in my /etc/hosts file. Also check the logs on the AIX server. It may indicate exactly what the problem was. I've been assuming that that features of ssh on the AIX server match openssh's. |
Thank you for the quick reply!
I check the permissions, on both servers they are ok. The ip address is correct. It dosn't work when the server is in the /etc/hosts, and it dosn't work when the servers ins't there The logs in the AIX don't have anything relevant to this. and the output of the ssh -vv command is: Code:
root@RHEL_server:~ > ssh -vv AIX_server Code:
debug2: we sent a publickey packet, wait for reply" |
This looks like the problem:
Connection closed by ip_address Your IP address doesn't match the servers lookup for your host or a host with your IP address isn't allowed access. access.conf or hosts.deny could be the reason as well as the dns lookup. ( assuming that AIX uses those ) Securetty might be the reason if logging in as root. |
The servers lookup is ok, or maybe the check that i'm doing ist right:
If I ping the hostname - it comes back with the right IP address. Is there other check that i can do? The aix isn't working with those files. |
Check your public key entry for authorized_hosts on the AIX for a "from=" field at the beginning. Check the known_hosts file. If it lists the IP address, does it match.
For this example, from known_hosts, does the IP address of qosmio match the IP listed. Code:
qosmio,192.168.1.100 ssh-rsa AAAA... The sshd manpage has some examples for authorized_keys entries: Code:
from="*.sales.example.net,!pc.sales.example.net" ssh-rsa Check what kind of ssh server software does the AIX ssh server run. A commercial server my expect slightly differently named files for authorized_keys and known_hosts. If you can't find anything, maybe you need to post the AIX's sshd_config file. Someone may spot something. |
jschiwal thank you!
Well the problem is diffrences between openSSH versions. The source (linux) server is OpenSSH_4.3p2, and the destination (aix) server is OpenSSH_5.2p1. I managed not having the "connection closed by ip_address" massage by changing in the aix sshg_config file the parameter "Protocol" from 2 to 1. Now it connects, but I can't configure login with no password. I added the rsa public key of the linux server (source) to the authorizes_keys of the aix server (destination), with no success. Is there a way to be able to login without passwort from low version of ssh to higher version of ssh? |
All times are GMT -5. The time now is 03:23 AM. |