LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 03-24-2010, 03:10 AM   #1
TIAHA David
LQ Newbie
 
Registered: Mar 2010
Posts: 4

Rep: Reputation: 0
Question ssh connexion problem from AIX server to Windows 2003 Server


Good day members,

I have configured Openssh on a Windows Server 2003 named bkp_swift1
This server bkp_swift1 is supposed to accept in coming connections from a cluster of AIX Servers for files transfer in both directions via scp and rcp. The cluster is made up of two nodes: SGBGEPROD1 and SGBGEPROD2.

I have succeeded to configure an ssh connection between:
node2(SGBGEPROD2) of the cluster and the Windows Server2003(bkp_swift1).
The file transfer with scp has also been tested between the two servers SGBGEPROD2<====>bkp_swift1 and is effective.

But when I attempt to carry out similar configuration between nod1 SGBGEPROD1 and the windows2003 server bkp_swift1,I encountered the following problem:

An attempt to ssh from:
node1 SGBGEPROD1 to the windows server 2003bkp_swift1
gives the following error message:
ssh_exchange_identification:connexion closed by remote host
Meanwhile, an ssh from the:
windows server 2003 bkp_swift1 to nod1 SGBGEPRD1 is successful as well as the file transfer.

Thanks for helping me to solve the problem ie configure ssh connexion from: node1 SGBGEPROD1 to the windows 2003 server bkp-swift1.

Regards.
 
Old 03-24-2010, 03:43 AM   #2
rizhun
Member
 
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47
Hi TIAHA David,

Please tell us what command you used to get this error.

Also, please provide the output from the command (run from your 'node1'):

ssh -vvv bkp_swift1

Thanks.
 
Old 03-24-2010, 06:37 AM   #3
TIAHA David
LQ Newbie
 
Registered: Mar 2010
Posts: 4

Original Poster
Rep: Reputation: 0
Hi RIZ,
Thanks for your concern.
In fact the command I use is:
#ssh bkp_swift (from node1)

below are the last five lines provided by the output from the command
#ssh -vvv bkp_swift1 (run from node 1):

debug2:key_type_from_name:unknown key type '-----END'
debug3:key_read:missing keytype
debug1:identity file /.ssh/id_rsa type 1
debug1:identity file /.ssh/id_rsa type -1
ssh_exhchange_identification:Connexion closed by remote host

Once more thanks for the concern

TIAHA David
 
Old 03-24-2010, 07:09 AM   #4
rizhun
Member
 
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47
Hello again,

A bit of searching found this thread: link

It doesn't strictly apply, as you're connecting to a Windows host, which doesn't have an /etc/hosts.deny file. However it presents an interesting avenue of investigation...

Can you SSH to 'localhost' when you're on the Windows host's command-line?
Are you running any Firewall software on the Windows host?
Have you looked in TCP/IP filtering under network properties, to see if the protocol/port is disabled?
Do you see any kind of 'SSH' prompt if you try and 'telnet bkp_swift 22'?

It definitely has the feel of a Network issue.

Good hunting.
 
Old 03-24-2010, 11:16 AM   #5
TIAHA David
LQ Newbie
 
Registered: Mar 2010
Posts: 4

Original Poster
Rep: Reputation: 0
Hi RIZ once more,

An ssh localhost on the Windows Server 2003 (bkp_swift1) works perfectly.
Also my Windows host has an /etc/hosts.deny file which is set as below:

ALL:ALL EXCEPT localhostENY

My supprise is that
an ssh from node2(SGBGEPROD2)=====> bkp_swift1(Windows Server2003) works perfectly.
But it is an ssh from node1 (SGBGEPROD1)===>bkp_swift1(Windows Server2003) that gives this error.
Whereas, an ssh from bkp_swift1 (Windows Server2003)====>node1 (SGBGEPROD1) also works perfectly.
All these servers are on the same lan. There is no firewall on the windows host.

Once more, your hints are wellcome

TIAHA David
 
Old 03-25-2010, 03:28 AM   #6
rizhun
Member
 
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47
You're right, it is a surprise that you can connect from anywhere with a hosts.deny file that is set to deny everything except traffic from the localhost.

Perhaps there are some more exemptions in /etc/hosts.allow that for some reason allows NODE2 to connect.

If I was you, I'd start by looking at these files.
First, comment-out all the lines in /etc/hosts.allow and /etc/hosts.deny.
Now re-try your SSH from NODE1 -- if it works, you know these files are the problem.

I wouldn't leave everything commented-out though, it's a bit of a security hole. If it does fix it, you should probably read up on these files and find a way of allowing the traffic.

Probably something like:

/etc/hosts.allow
Code:
sshd : ALL : allow
Good luck.
 
1 members found this post helpful.
Old 03-25-2010, 07:22 AM   #7
TIAHA David
LQ Newbie
 
Registered: Mar 2010
Posts: 4

Original Poster
Rep: Reputation: 0
Hi RIZ,

Your hints have been very useful to me. I can now ssh from node1 to the Windows Server2003 (bkp_swift1).
I first of all commented everything in the host.deny file and it did not solve the problem. I then commented everything in the host.allow file except the line
sshd : ALL : allow
and this was the final magic that oppened the way from node1 to the Windows Server 2003. Once more, thank you for your help.

I wish I could have your phone and mail contacts as I believe you could be very helpful to me in my AIX problems. I am actually the administrator of this cluster of AIX servers in a bank located in Malabo (Equatorial Guinea), a country in Central Africa. My phone number is: +240 595283. My mail is: dtiaha@gmail.com

Best regards.

TIAHA David
SGBGE
 
Old 03-25-2010, 08:04 AM   #8
rizhun
Member
 
Registered: Jun 2005
Location: England
Distribution: Ubuntu, SLES, AIX
Posts: 268

Rep: Reputation: 47
Hi TIAHA David,

I'm glad I could help.

Feel free to contact me whenever you like.
You can send me a PM through this site, or use the email functionality.
Add me to your LinuxQuestions.org 'Contacts'.

I'm usually around and if not, the site sends me email alerts when someone's trying to get in touch!

Speak to you soon.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
import users from Windows LDAP server to Windows 2003 server kpachopoulos General 2 11-26-2008 06:23 PM
Windows 2003 server network problem satish General 2 11-18-2007 09:47 PM
Linux to Windows 2003 AD, unable to ssh to server gambler1025 Linux - Server 2 02-14-2007 01:15 PM
Problem authenticating OpenBSD to a Windows 2003 Server blood_omen *BSD 1 04-25-2006 02:40 PM
Problem connecting SAMBA to Windows 2003 Server Micro420 Linux - Networking 5 11-08-2005 03:53 PM


All times are GMT -5. The time now is 11:14 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration