LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   [Mandrake 9.1] Login problems with OpenSSH (https://www.linuxquestions.org/questions/linux-software-2/%5Bmandrake-9-1%5D-login-problems-with-openssh-103707/)

666Snake666 10-14-2003 02:55 AM
[Mandrake 9.1] Login problems with OpenSSH
 
Hello,

I am running a Mandrake 9.1 server with OpenSSH 3.6.1. I can login on the localhost but when I try to login from the internal network or from outside the internet it gives this error:

ssh_identification_exchange: Connection closed by remote host

My log files give this error:

sshd[4823]: refused connect from 193.172.*.* (193.172.*.*)

(I have replaced the last two bits of the IP with astrics so my IP-adress is not fully revealed)

I am running a firewall (shorewall) but it has port 22 open, so I don't think that that is the problem, since the problem remains when I shutdown the firewall. I can't really think of any more info at the moment which is relevant. I hope anybody can help me out with this.

Thanks in advantage.

iainr 10-14-2003 03:24 AM
Hi,

Can you run ssh with debug and post the output.

ssh -vvv 193.172.*.*

Iain.

666Snake666 10-14-2003 03:38 AM
[adminja@nlzei-ws-Jorn adminja]$ ssh -vvv jorn@62.194.*.* (This is the IP adress of my server)

OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug2: ssh_connect: needpriv 0
debug1: Connecting to 62.194.*.* [62.194.*.* port 22.
debug1: Connection established.
debug1: identity file /home/adminja/.ssh/identity type -1
debug1: identity file /home/adminja/.ssh/id_rsa type -1
debug1: identity file /home/adminja/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
debug1: Calling cleanup 0x8062180(0x0)
[adminja@nlzei-ws-Jorn adminja]$

andrewlkho 10-14-2003 05:21 AM
Hi,
Can you post your sshd_config file?

iainr 10-14-2003 05:25 AM
Try renaming your ~/.ssh directory to another name (i.e. move it) and see if that makes a difference.

666Snake666 10-14-2003 06:08 AM
Here is my sshd.conf: (On my server, of course)

Quote:
#$OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

#Port 22
Protocol 1,2
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 120
#PermitRootLogin yes
#StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

#AFSTokenPassing no

# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no

# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdInt no

X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression yes

#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no

# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server
PermitRootLogin without-password
IgnoreRhosts yes
RhostsRSAAuthentication no
RhostsAuthentication yes
IgnoreUserKnownHosts yes
PrintMotd yes
StrictModes no
RSAAuthentication yes
PermitEmptyPasswords no
PasswordAuthentication yes
ReverseMappingCheck no
GatewayPorts yes
AllowTcpForwarding yes
KeepAlive yes
@ianr

Unfortunately that did not made a difference.

666Snake666 10-15-2003 06:13 AM
Can anybody help me out with this? If not it is all right, but I would definitely would like to have my SSH server running.


All times are GMT -5. The time now is 05:55 PM.