ssh_exchange_identification: Connection closed by remote host
Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
ssh_exchange_identification: Connection closed by remote host
I have just install a mandrake 8.1 (i now its an old) with ssh (client & daemon).
I get a 'ssh_exchange_identification: Connection closed by remote host' when i try to connect
I didn't change anything to the config file (I think the problem is here).
What i want to do is to connect to my machine from any machine and make identification with login/pass
here is the message :
[root@server root]# ssh localhost -v
OpenSSH_9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connetc: getuid 0 geteunid 0 anon 1
debug1: Connecting to localhost [127.0.0.1] port 22
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done; type RSA
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
debug1: Calling Cleanup 0x8067590(0x0)
Just an FYI. I'm getting the same thing (almost identical output from a -v, same patch level of openssh) today on a few different machines. I've noticed that I cannot ssh to problem box from my box (which is on a different subnet from problem box) but I can get to problem box from another box (which is on the same subnet as my box, not problem box.) The hosts.allow on problem box is set up properly to allow all hosts from my subnet.
Thanks, but I'm not using a hosts.deny on problem box. I've found some info on other boards that suggests it may be a problem with DNS (the reverse lookup). Thanks again.
I had the same problem with a fresh mandriva 2006.0 box with "higher" security level set during install. here was my output:
Code:
[bb@magicaltrevor local]$ ssh aeolus -v
OpenSSH_4.2p1, OpenSSL 0.9.7g 11 Apr 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to aeolus [10.0.0.180] port 22.
debug1: Connection established.
debug1: identity file /home/bb/.ssh/identity type -1
debug1: identity file /home/bb/.ssh/id_rsa type -1
debug1: identity file /home/bb/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
I changed the hosts.deny file from ALL:ALL EXCEPT 127.0.0.1:DENY to ALL:ALL EXCEPT 127.0.0.1 AND 10.0.0.181:DENY and I could connect to the machine from the 10.0.0.181 machine. though; I would like to be able to ssh from anywhere, since I kind of need that, and I trust ssh enough to allow incoming connections from 0.0.0.0 (should I?) . I don't know about the other services that use the file though; it must have been set to deny all for some reason..? Is it possible to deny all connections like it used to, except for ssh? that is, if it is at all worth it... ?
thnx
-b^4
edit>> new: when I change the file like that, I can log in for a while but then after a few minutes the line ALL:ALL EXCEPT 127.0.0.1:DENY is suddenly appended which appearantly overrides the previous one thus rendering the machine inaccessible again. this microsoft-like behaviour of a computer repeatedly insting not to follow what I tell him do gets so abnormally much on my nerves... please, someone, could you tell me what sinful string of insignificant bits causes this unsightly display?
thankyou -_-
edit>> second edit after a few months in which I progressed a bit in this area.
answer:
Code:
echo 'SSHD: ALL' >> /etc/hosts.allow
behold: it is done. hurrah.
and the 'sinful bits', as I used to call them, were appearantly the ones that mandriva created when I installed it with that security level. I should've used the allow file, not the deny.
I had the same problem with a fresh mandriva 2006.0 box with "higher" security level set during install. here was my output:
Code:
[bb@magicaltrevor local]$ ssh aeolus -v
OpenSSH_4.2p1, OpenSSL 0.9.7g 11 Apr 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to aeolus [10.0.0.180] port 22.
debug1: Connection established.
debug1: identity file /home/bb/.ssh/identity type -1
debug1: identity file /home/bb/.ssh/id_rsa type -1
debug1: identity file /home/bb/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
I changed the hosts.deny file from ALL:ALL EXCEPT 127.0.0.1:DENY to ALL:ALL EXCEPT 127.0.0.1 AND 10.0.0.181:DENY and I could connect to the machine from the 10.0.0.181 machine. though; I would like to be able to ssh from anywhere, since I kind of need that, and I trust ssh enough to allow incoming connections from 0.0.0.0 (should I?) . I don't know about the other services that use the file though; it must have been set to deny all for some reason..? Is it possible to deny all connections like it used to, except for ssh? that is, if it is at all worth it... ?
thnx
-b^4
edit>> new: when I change the file like that, I can log in for a while but then after a few minutes the line ALL:ALL EXCEPT 127.0.0.1:DENY is suddenly appended which appearantly overrides the previous one thus rendering the machine inaccessible again. this microsoft-like behaviour of a computer repeatedly insting not to follow what I tell him do gets so abnormally much on my nerves... please, someone, could you tell me what sinful string of insignificant bits causes this unsightly display?
thankyou -_-
edit>> second edit after a few months in which I progressed a bit in this area.
answer:
Code:
echo 'SSHD: ALL' >> /etc/hosts.allow
behold: it is done. hurrah.
and the 'sinful bits', as I used to call them, were appearantly the ones that mandriva created when I installed it with that security level. I should've used the allow file, not the deny.
Thanks
I got over my first sshd hurdle with your help!!
configure hosts.allow to allow incoming ssh connections
Stop posting links to your own blog, please, and stop reopening old threads. You've posted in some threads that have been closed for SEVEN YEARS now...
I'm sorry TBOne, but that last post was the one that solved it for me even though it was years after the question - some people still have old problems
Apparently, there may be a policy about responding to a 10 year old post, but this was Google's first search result.
I investigated an occurrence of this problem today. The error message seems represent a generic "failure to connect" condition reported by the client, when the sshd refused to fork more threads to handle the incoming requests. As I increased the MaxStartup setting in /etc/ssh/sshd_config, incoming requests kept consuming all the new forks, leading me to concluded the effect of a brute force ssh attack.
Thankfully, the attack is temporary, and the only long term effect is heightened paranoia. Had the attack been persistent, effective resolution would require restricting access at a network firewall.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.