LinuxQuestions.org - ssh_exchange_identification: Connection closed by remote host... portsentry

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - ssh_exchange_identification: Connection closed by remote host... portsentry (https://www.linuxquestions.org/questions/linux-security-4/ssh_exchange_identification-connection-closed-by-remote-host-portsentry-768415/)

mythicsentinel

11-11-2009 08:06 AM

ssh_exchange_identification: Connection closed by remote host... portsentry

I recently installed portsentry and i ran an nmap scan against the server. I logged out, but i can't seem to log back in from the machine i ran the scan from.
I get the following when i try:
ssh_exchange_identification: Connection closed by remote host.
Pls help

centosboy

11-11-2009 08:17 AM

Quote:

Originally Posted by mythicsentinel (Post 3752922)

portsentry is possibly blocking you out. you may have to try from a remote server and remove the blocked ip from /etc/hosts.deny or iptables or wait for the block to timeout if this is how you have configured it

mythicsentinel

11-11-2009 09:38 AM

Quote:

Originally Posted by centosboy (Post 3752936)

The IP entry in /etc/hosts/deny has been removed but i still can't log in, any pointers as to how i remove the entry from iptables?

centosboy

11-11-2009 09:41 AM

Quote:

Originally Posted by mythicsentinel (Post 3753028)

The IP entry in /etc/hosts/deny has been removed but i still can't log in, any pointers as to how i remove the entry from iptables?

well, first check it is there...!
it only adds to the running config anyway, so if it is there, restarting iptables should do it.

check first

Code:

iptables -L -n -v | grep <ipaddress>

All times are GMT -5. The time now is 08:04 AM.