LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 10-13-2003, 10:21 AM   #1
piter23
LQ Newbie
 
Registered: Oct 2003
Posts: 2

Rep: Reputation: 1
Unhappy ssh_exchange_identification: Connection closed by remote host


I have just install a mandrake 8.1 (i now its an old) with ssh (client & daemon).
I get a 'ssh_exchange_identification: Connection closed by remote host' when i try to connect
I didn't change anything to the config file (I think the problem is here).
What i want to do is to connect to my machine from any machine and make identification with login/pass

here is the message :
[root@server root]# ssh localhost -v
OpenSSH_9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connetc: getuid 0 geteunid 0 anon 1
debug1: Connecting to localhost [127.0.0.1] port 22
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done; type RSA
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
debug1: Calling Cleanup 0x8067590(0x0)

Any help welcome
thanks
 
Old 10-13-2003, 11:20 AM   #2
mbegemann
LQ Newbie
 
Registered: Oct 2003
Posts: 2

Rep: Reputation: 0
Just an FYI. I'm getting the same thing (almost identical output from a -v, same patch level of openssh) today on a few different machines. I've noticed that I cannot ssh to problem box from my box (which is on a different subnet from problem box) but I can get to problem box from another box (which is on the same subnet as my box, not problem box.) The hosts.allow on problem box is set up properly to allow all hosts from my subnet.
 
Old 10-13-2003, 11:46 AM   #3
piter23
LQ Newbie
 
Registered: Oct 2003
Posts: 2

Original Poster
Rep: Reputation: 1
me again

I've remove the problem by changing my hosts.deny (by removing all deny). you shoud check.
 
1 members found this post helpful.
Old 10-13-2003, 11:56 AM   #4
mbegemann
LQ Newbie
 
Registered: Oct 2003
Posts: 2

Rep: Reputation: 0
Thanks, but I'm not using a hosts.deny on problem box. I've found some info on other boards that suggests it may be a problem with DNS (the reverse lookup). Thanks again.
 
Old 11-24-2005, 06:32 AM   #5
bbbb
LQ Newbie
 
Registered: Nov 2005
Location: Amsterdam, Netherlands
Distribution: Mandriva cooker
Posts: 22

Rep: Reputation: 15
hi

I had the same problem with a fresh mandriva 2006.0 box with "higher" security level set during install. here was my output:
Code:
[bb@magicaltrevor local]$ ssh aeolus -v
OpenSSH_4.2p1, OpenSSL 0.9.7g 11 Apr 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to aeolus [10.0.0.180] port 22.
debug1: Connection established.
debug1: identity file /home/bb/.ssh/identity type -1
debug1: identity file /home/bb/.ssh/id_rsa type -1
debug1: identity file /home/bb/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
I changed the hosts.deny file from ALL:ALL EXCEPT 127.0.0.1:DENY to ALL:ALL EXCEPT 127.0.0.1 AND 10.0.0.181:DENY and I could connect to the machine from the 10.0.0.181 machine. though; I would like to be able to ssh from anywhere, since I kind of need that, and I trust ssh enough to allow incoming connections from 0.0.0.0 (should I?) . I don't know about the other services that use the file though; it must have been set to deny all for some reason..? Is it possible to deny all connections like it used to, except for ssh? that is, if it is at all worth it... ?

thnx
-b^4

edit>> new: when I change the file like that, I can log in for a while but then after a few minutes the line ALL:ALL EXCEPT 127.0.0.1:DENY is suddenly appended which appearantly overrides the previous one thus rendering the machine inaccessible again. this microsoft-like behaviour of a computer repeatedly insting not to follow what I tell him do gets so abnormally much on my nerves... please, someone, could you tell me what sinful string of insignificant bits causes this unsightly display?

thankyou -_-

edit>> second edit after a few months in which I progressed a bit in this area.

answer:
Code:
echo 'SSHD: ALL' >> /etc/hosts.allow
behold: it is done. hurrah.

and the 'sinful bits', as I used to call them, were appearantly the ones that mandriva created when I installed it with that security level. I should've used the allow file, not the deny.

Last edited by bbbb; 02-10-2006 at 11:59 AM.
 
Old 03-07-2006, 09:06 AM   #6
hoshen
LQ Newbie
 
Registered: Mar 2006
Location: UK and Israel
Distribution: Mandriva
Posts: 13

Rep: Reputation: 0
I used it too!!

Quote:
Originally Posted by bbbb
hi

I had the same problem with a fresh mandriva 2006.0 box with "higher" security level set during install. here was my output:
Code:
[bb@magicaltrevor local]$ ssh aeolus -v
OpenSSH_4.2p1, OpenSSL 0.9.7g 11 Apr 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to aeolus [10.0.0.180] port 22.
debug1: Connection established.
debug1: identity file /home/bb/.ssh/identity type -1
debug1: identity file /home/bb/.ssh/id_rsa type -1
debug1: identity file /home/bb/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
I changed the hosts.deny file from ALL:ALL EXCEPT 127.0.0.1:DENY to ALL:ALL EXCEPT 127.0.0.1 AND 10.0.0.181:DENY and I could connect to the machine from the 10.0.0.181 machine. though; I would like to be able to ssh from anywhere, since I kind of need that, and I trust ssh enough to allow incoming connections from 0.0.0.0 (should I?) . I don't know about the other services that use the file though; it must have been set to deny all for some reason..? Is it possible to deny all connections like it used to, except for ssh? that is, if it is at all worth it... ?

thnx
-b^4

edit>> new: when I change the file like that, I can log in for a while but then after a few minutes the line ALL:ALL EXCEPT 127.0.0.1:DENY is suddenly appended which appearantly overrides the previous one thus rendering the machine inaccessible again. this microsoft-like behaviour of a computer repeatedly insting not to follow what I tell him do gets so abnormally much on my nerves... please, someone, could you tell me what sinful string of insignificant bits causes this unsightly display?

thankyou -_-

edit>> second edit after a few months in which I progressed a bit in this area.

answer:
Code:
echo 'SSHD: ALL' >> /etc/hosts.allow
behold: it is done. hurrah.

and the 'sinful bits', as I used to call them, were appearantly the ones that mandriva created when I installed it with that security level. I should've used the allow file, not the deny.

Thanks
I got over my first sshd hurdle with your help!!
 
Old 09-18-2007, 06:12 AM   #7
karunakarpn
LQ Newbie
 
Registered: Sep 2007
Posts: 2

Rep: Reputation: 0
solution for ssh_exchange_identification problem

I solved this problem. This occured because of changing permissions in /var/ folder.
so now change permissions to
chmod -R 755 /var/

Now i got resolved this problem.
-Thanks
 
Old 05-21-2008, 09:01 AM   #8
nebupm
LQ Newbie
 
Registered: May 2008
Posts: 1

Rep: Reputation: 0
try to see if /var/empty exist

it may also be possible taht the directory /var/empty is non existent.

you can run the ssh daemon in test mod to figure out any problm with the configuration.

/usr/sbin/sshd -t
Missing privilege separation directory: /var/empty

create the directory and it may solve the problem.

cheers
nebu
 
Old 06-19-2009, 03:22 AM   #9
windwalker78
LQ Newbie
 
Registered: Aug 2006
Posts: 5

Rep: Reputation: 1
Quote:
Originally Posted by piter23 View Post
me again

I've remove the problem by changing my hosts.deny (by removing all deny). you shoud check.
Thank you! I reinstalled gnome, freenx, ssh and a couple of other stuff before reading your reply.
 
Old 01-10-2011, 04:23 AM   #10
ajo0909
LQ Newbie
 
Registered: Jun 2006
Distribution: Debian (Sarge,Sid,Etch)
Posts: 8

Rep: Reputation: 1
Wink system file rights could be messed up

Its Debian/Ubuntu relevant:
Make sure the ownership of your files inside the /var/run directory is had by root.

if its not you'll get this messege :

"ssh_exchange_identification: Connection closed by remote host"
 
Old 02-11-2012, 04:55 AM   #11
linuxmen
Member
 
Registered: Aug 2011
Distribution: fedora14,11, RHEL5, CentOS6, win2008R2, Win7
Posts: 45

Rep: Reputation: 4
Smile Final solution

configure hosts.allow to allow incoming ssh connections

Last edited by Tinkster; 02-24-2012 at 05:38 PM.
 
Old 02-24-2012, 01:23 PM   #12
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,520

Rep: Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944Reputation: 7944
Quote:
Originally Posted by linuxmen View Post
configure hosts.allow to allow incoming ssh connections
Stop posting links to your own blog, please, and stop reopening old threads. You've posted in some threads that have been closed for SEVEN YEARS now...

Last edited by Tinkster; 02-24-2012 at 05:38 PM.
 
Old 08-13-2012, 07:00 PM   #13
dirk@unimelb.edu.au
LQ Newbie
 
Registered: Aug 2012
Posts: 1

Rep: Reputation: Disabled
I'm sorry TBOne, but that last post was the one that solved it for me even though it was years after the question - some people still have old problems
 
Old 07-19-2013, 03:03 PM   #14
ghosts
LQ Newbie
 
Registered: Apr 2012
Location: Calgary, Alberta
Distribution: CentOS 6, RHEL 5/6, Debian, AIX 5/6, OnTap
Posts: 2

Rep: Reputation: 0
Another thing to check would be presence/ownership/modes of /etc/passwd on the remote machine, if you have access to it, that is...

Last edited by ghosts; 07-19-2013 at 03:07 PM.
 
Old 07-31-2013, 11:59 AM   #15
tqisjim
LQ Newbie
 
Registered: Jul 2013
Posts: 3

Rep: Reputation: Disabled
Brute force attack!!

Apparently, there may be a policy about responding to a 10 year old post, but this was Google's first search result.

I investigated an occurrence of this problem today. The error message seems represent a generic "failure to connect" condition reported by the client, when the sshd refused to fork more threads to handle the incoming requests. As I increased the MaxStartup setting in /etc/ssh/sshd_config, incoming requests kept consuming all the new forks, leading me to concluded the effect of a brute force ssh attack.

Thankfully, the attack is temporary, and the only long term effect is heightened paranoia. Had the attack been persistent, effective resolution would require restricting access at a network firewall.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't SSH to remote machine: Connection closed by remote host Avatar Linux - Networking 35 10-23-2017 12:21 AM
rndc: connection to remote host closed. james.farrow Fedora 2 06-16-2004 11:40 AM
ssh_exchange_identification: Connection closed by remote host liguorir Linux - Software 3 09-18-2003 11:42 AM
ssh_exchange_identification: Connection closed by remote host ctav01 Linux - Networking 1 08-22-2003 07:14 PM
Ftp Connection closed by remote host 360 Linux - Networking 16 05-29-2002 04:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 05:20 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration