LinuxQuestions.org
Old 12-18-2002, 11:41 AM   #1
cuss
Member
 
Registered: Dec 2002
Posts: 63

Rep: Reputation: 15
ssh issues


Hi,

I thought I successfully upgraded openssh from v 2.9 to v 3.5 but something funky is happening. When I type in rpm -q openssh-server it tells me openssh-server-3.5p1-1. I can connect to the box via ssh from my windows ssh client, however, nobody else can. The message that comes up is:

ssh_exchange_identification:connection closed by remote host.

When I log into a couple of the other linux servers running ssh and type in rpm -q openssh-server it also returns the appropriate response. Then as a backup I type in ssh -V to get the version number. When I type in ssh -V on the server I built it returns:

bash:ssh:command not found

There is obviously an issue somewhere. What I upgraded to on my redhat 7.2 server (2.4.7-10 i686) was openssh-server-3.5p1-1.i386.rpm and openssh-3.5p1-1.i386.rpm. I did not install the openssh-client-3.5p1-1.i386.rpm. Could this be the problem? The only other thing I can think of is that my redhat system is on an i686 box and the upgrades are i386.rpm. Is that the problem? I couldn't find openssh 3.5 for redhat i686 no matter where I went. If that is the problem can someone tell me where to find those packages? If that is the issue do I just simply upgrade again? The command I used to upgrade was:

rpm -Uvh openssh* (it seemed to work fine but I guess it didn't)

Should I use another command....maybe just rpm -U openssh*

Thanks for your help.
 
Old 12-18-2002, 11:45 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,378

Rep: Reputation: 1963
well seeing as ssh itself is a client program and you say yourself that you've not installed the client programs package, I think that's something of a safe bet...
 
Old 12-18-2002, 12:15 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745
ssh_exchange_identification:connection closed by remote host could mean you're running sshd with TCP wrappers enabled (libwrap, using /etc/hosts.{allow,deny}) but haven't enabled access to the sshd service for remote clients.
 
Old 12-18-2002, 12:22 PM   #4
cuss
Member
 
Registered: Dec 2002
Posts: 63

Original Poster
Rep: Reputation: 15
Yeah, I installed the client program right after I posted. That resolved one of the issues. From the box I built I was able to ssh to the other linux servers. But first there was a message saying:

the authenticity of host '1.2.3.4' can't be established
RSA key fingerprint is blah blah blah....
Are you sure you want to continue connecting (yes/no)?

I typed in yes and then a warning came up:

Warning: Permanently added host '1.2.3.4' and I am prompted for the root password and I connect.

Now I can connect to the other linux servers from my server via ssh but when I try it the other way around I still get the message:

ssh_exchange_identification:connection closed by remote host

When I type in ssh -V on my box it no longer replies:

bash:ssh:command not found

it replies with the correct version of openssh. Also when I type in the command rpm -qa | grep openssh it responds with all 3 of the packages I installed.

Does anyone know what to do to solve the 'connection closed by remote host' message when I try to ssh to the linux server I just built from the other linux servers and windows clients?

Thanks.
 
Old 12-18-2002, 12:27 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745
If it's not libwrap, then check if you made and distributed your ssh key's public part between servers. Also root logins aren't recommended. Log in as a regular user and sudo over to the coveted root account if really necessary.
 
Old 12-18-2002, 12:31 PM   #6
cuss
Member
 
Registered: Dec 2002
Posts: 63

Original Poster
Rep: Reputation: 15
You may be right about the TCP Wrappers. I did put my syslog server on a different subnet and I didn't modify hosts.allow and hosts.deny.

hosts.allow is sshd:LOCAL and hosts.deny is ALL:ALL.

Would I fix my problem by modifying hosts.deny to allow any ssh client from the subnet I am on? Although, I do get the 'connection closed by remote host' message even when I try to connect to this box from other linux machines on the same subnet. I guess I have to modify both hosts.allow and hosts.deny. Can anybody suggest the proper syntax? I will try the man pages as well.

Thanks.
 
Old 12-18-2002, 12:43 PM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745
Last time I checked sshd didn't like /255 or /24 style subnet masks and the service name is not the IANA designated port service name, but the process name.
So, AFAIK the syntax is: "argv[0] process name: ipaddr, ipaddr, ipaddr".

Btw, you *did* propagate your keys, right?
 
Old 12-18-2002, 01:26 PM   #8
cuss
Member
 
Registered: Dec 2002
Posts: 63

Original Poster
Rep: Reputation: 15
Sorry, I'm new to the linux world and I kind of got lost on that last message. I didn't do anything with the keys. I'm not sure where to start with key authentication.

However, I did comment out the fields I added in both hosts.allow and hosts.deny and now I am able to ssh in between subnets and within the subnet I have the server set up in. I don't know how much security I have lost because of this.
 
Old 12-19-2002, 09:01 AM   #9
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
Quote:
Originally posted by cuss
Would I fix my problem by modifying hosts.deny to allow any ssh client from the subnet I am on? Although, I do get the 'connection closed by remote host' message even when I try to connect to this box from other linux machines on the same subnet. I guess I have to modify both hosts.allow and hosts.deny. Can anybody suggest the proper syntax? I will try the man pages as well.
Add your new entries to hosts.allow. It's best to leave hosts.deny just as you have it now.
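
An added example (not part of the thread and not libwrap's own code): a simplified Python model of the hosts_access(5) lookup order, run against the hosts.allow and hosts.deny entries quoted in post #6 and against an address-prefix entry added to hosts.allow while hosts.deny stays as it is. It covers only a subset of the pattern syntax; the function names, the 192.168.x subnets and the host names are assumptions made for illustration.

```python
# Simplified model of the hosts_access(5) decision order used by libwrap.
# Pattern subset: ALL, LOCAL, ".domain" suffix, "n.n.n." address prefix,
# exact host name or address. All names and addresses here are constructed.

HOSTS_DENY = "ALL:ALL"                        # as quoted in post #6
ALLOW_BEFORE = "sshd:LOCAL"                   # as quoted in post #6
ALLOW_AFTER = "sshd: LOCAL, 192.168.1., 192.168.2."   # assumed subnets

def parse_rules(text):
    """Return [(daemon_list, client_list)] from hosts.allow/hosts.deny text."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules

def client_matches(pattern, addr, name):
    """name is the client's resolved host name, or None if lookup failed."""
    if pattern == "ALL":
        return True
    if pattern == "LOCAL":             # only host names without a dot
        return name is not None and "." not in name
    if pattern.startswith("."):        # domain suffix, e.g. .example.com
        return name is not None and name.endswith(pattern)
    if pattern.endswith("."):          # address prefix, e.g. 192.168.1.
        return addr.startswith(pattern)
    return pattern in (addr, name)

def any_rule_matches(rules, daemon, addr, name):
    return any((daemon in daemons or "ALL" in daemons)
               and any(client_matches(p, addr, name) for p in clients)
               for daemons, clients in rules)

def allowed(allow_text, deny_text, daemon, addr, name=None):
    """hosts.allow is checked first, then hosts.deny; no match means allow."""
    if any_rule_matches(parse_rules(allow_text), daemon, addr, name):
        return True
    return not any_rule_matches(parse_rules(deny_text), daemon, addr, name)

if __name__ == "__main__":
    for addr, name in [("192.168.1.20", "web1.example.com"),
                       ("192.168.2.10", None), ("10.0.0.5", None)]:
        print(addr, name,
              "before:", allowed(ALLOW_BEFORE, HOSTS_DENY, "sshd", addr, name),
              "after:", allowed(ALLOW_AFTER, HOSTS_DENY, "sshd", addr, name))
```

With both files empty, as after the commenting-out described in post #8, allowed() returns True for every client, so TCP wrappers no longer restrict who can reach sshd. On a system with the tcp_wrappers utilities installed, tcpdmatch sshd followed by a client address evaluates the real files.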
 
Old 12-19-2002, 11:52 AM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,994
Blog Entries: 54

Rep: Reputation: 2745
...and the key thing is where you generate a "fingerprint" locally (ssh-keygen) and add the public part (<keyname>.pub) to your remote account's ~/.ssh/authorized_keys file if you want to use public key authentication to access your remote account. Same goes for accessing your local account from the remote one.
 
  

