bugzilla-daemon at mindrot.org
2004-Aug-20 00:35 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917
Summary: ssh_exchange_identification: Connection closed by remote
host
Product: Portable OpenSSH
Version: 3.6.1p2
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P3
Component: sshd
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: henry.herold at comcast.net
I can't ssh into my machine. i am able to ssh localhost and log in with a
password (i am also able to remotely http to it) but remotely i can't log
in.
here is the debug output:
ssh -v -v -v -P pcp01417125pcs.umrion01.pa.comcast.net
OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
debug1: Reading configuration data /usr/local/etc/ssh_config
debug3: RNG is ready, skipping seeding
debug2: ssh_connect: needpriv 0
debug1: Connecting to pcp01417125pcs.umrion01.pa.comcast.net [x.x.x.x] port 22.
debug1: Connection established.
debug1: identity file /u/a173325/.ssh/identity type -1
debug1: identity file /u/a173325/.ssh/id_rsa type -1
debug1: identity file /u/a173325/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host
debug1: Calling cleanup 0x2002ae54(0x0)
/etc/hosts.allow:
ALL: ALL
nothing in hosts.deny
/var/log secure:
Aug 19 07:28:44 pcp01417125pcs sshd[4782]: Server listening on x.x.x.x port 22.
Aug 19 18:45:17 pcp01417125pcs xinetd[4795]: START: sgi_fam pid=6508 from=<no
address>
--end--
[root at pcp01417125pcs etc]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-20 00:40 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From henry.herold at comcast.net 2004-08-20 10:40 ------- Created an attachment (id=700) --> (http://bugzilla.mindrot.org/attachment.cgi?id=700&action=view) sshd_config ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-20 00:45 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From djm at mindrot.org 2004-08-20 10:45 ------- A debug trace from the client isn't too helpful, can you attach a trace from the server "sshd -ddd"? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-20 21:37 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From henry.herold at comcast.net 2004-08-21 07:37 ------- [root at pcp01417125pcs root]# sshd -ddd debug1: sshd version OpenSSH_3.5p1 debug1: private host key: #0 type 0 RSA1 debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key. debug1: read PEM private key done: type RSA debug1: private host key: #1 type 1 RSA debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key. debug1: read PEM private key done: type DSA debug1: private host key: #2 type 2 DSA debug1: Bind to port 22 on x.x.x.x. Server listening on x.x.x.x port 22. Generating 768 bit RSA key. RSA key generation complete. i tried multiple remote logins but could not get in. nothing in the debug trace above or in /var/log/secure ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-21 01:23 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From dtucker at zip.com.au 2004-08-21 11:23 ------- The debug log shows no indication that you're even connecting to sshd. Perhaps the connection is being rejected by a firewall or NATed to another port? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-21 02:14 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From henry.herold at comcast.net 2004-08-21 12:14 ------- i have no firewall rules set up. (see iptables output) i have no hardware firewall. the server logs show no indication of a connection being made, but i'm confused as to why the debug output of the client states that a connection is established before i get the ssh_exchange_identification error. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-21 02:40 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917
------- Additional Comments From dtucker at zip.com.au 2004-08-21 12:40 -------
You're connecting to something but it's not the sshd you've got
running in debug
mode. Try using "lsof -i :22" to see what's listening on port 22.
Check your
NAT table too ("iptables -t nat -L").
It's also possible your ISP is blocking/redirecting port 22. Try
"tcpdump tcp
port 22" while you're trying to connect and see if you're even
getting packets.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-21 23:48 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From henry.herold at comcast.net 2004-08-22 09:48 ------- thanks for the effort. a lot of info i never knew i could look at. appended below are the outputs to my lsof, iptables -nat, tcpdump (tcpdump is from my host to a computer i no longer have an account on. i got the same ssh_exchange_identification error where it didn't prompt me for a password): [root at pcp01417125pcs alsa]# lsof -i :22 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME sshd 4791 root 3u IPv4 4452 TCP pcp01417125pcs.umrion01.pa.comcast.net:ssh (LISTEN) [root at pcp01417125pcs alsa]# iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination tcpdump: listening on eth0 19:41:59.514613 pcp01417125pcs.umrion01.pa.comcast.net.35481 > snowhite.cis.temple.edu.ssh: S 3155502819:3155502819(0) win 5840 <mss 1460,sackOK,timestamp 1364052 0,nop,wscale 0> (DF) 19:41:59.527604 snowhite.cis.temple.edu.ssh > pcp01417125pcs.umrion01.pa.comcast.net.35481: S 1414673544:1414673544(0) ack 3155502820 win 33580 <mss 1460,nop,wscale 0> (DF) 19:41:59.527669 pcp01417125pcs.umrion01.pa.comcast.net.35481 > snowhite.cis.temple.edu.ssh: . ack 1 win 5840 (DF) 19:42:04.854215 snowhite.cis.temple.edu.ssh > pcp01417125pcs.umrion01.pa.comcast.net.35481: F 1:1(0) ack 1 win 33580 (DF) 19:42:04.854502 pcp01417125pcs.umrion01.pa.comcast.net.35481 > snowhite.cis.temple.edu.ssh: F 1:1(0) ack 2 win 5840 (DF) 19:42:04.864586 snowhite.cis.temple.edu.ssh > pcp01417125pcs.umrion01.pa.comcast.net.35481: . ack 2 win 33580 (DF) 6 packets received by filter 0 packets dropped by kernel ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-22 00:10 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From dtucker at zip.com.au 2004-08-22 10:10 ------- I suggest you kill off the running sshd that's listening on port 22 then re-run the sshd -ddd test. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-27 16:55 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917
henry.herold at comcast.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2004-Aug-27 17:05 UTC
[Bug 917] ssh_exchange_identification: Connection closed by remote host
http://bugzilla.mindrot.org/show_bug.cgi?id=917 ------- Additional Comments From henry.herold at comcast.net 2004-08-28 03:05 ------- I was able to ssh out to HBX networks luna machine, which came back online recently. i was able to ssh back into my server from luna. my workplace must have some filters/ firewalls in place which stops traffic from certain ports. thanks all for your help. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- ssh_exchange_identification: Connection closed by remote host
- ssh client does not timeout if the network fails after ssh_connect but before ssh_exchange_identification, even with Alive options set
- ssh_exchange_identification fails
- [Bug 2732] New: select() is not called properly in ssh_exchange_identification()
- ssh_exchange_identification: Connection closed by remote host