You are not logged in.

#1 2003-01-14 09:25:20

ody
Member
From: Manchester, UK
Registered: 2002-08-12
Posts: 216
Website

sshd problems

ssh_exchange_identification: Connection closed by remote host

anyone else getting this problem ?

Offline

#2 2003-01-14 13:58:57

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

no but i got this one
sshd
OpenSSL version mismatch. Built against 906080, you have 90608f


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#3 2003-01-14 16:36:36

ody
Member
From: Manchester, UK
Registered: 2002-08-12
Posts: 216
Website

Re: sshd problems

pacman -S openssl openssh

and that should be fixed

Offline

#4 2003-01-14 21:36:38

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

that solved my problem thanks


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#5 2003-01-30 01:02:41

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

try to remove ALL on /etc/hosts.denny
and on /etc/hosts.allow
includ ALL: ALL :ALLOW
and your problem is solved
it worked for me


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#6 2003-02-01 00:00:05

JDawson
Member
Registered: 2003-01-16
Posts: 28

Re: sshd problems

I am also having a problem i did:
    pacman -S openssl openssh
and they installed but it won't let me start the ssh daemon?
It doesn't give me any output to say why it fails.

Any help would be appreciated smile
thanx

Offline

#7 2003-02-01 01:53:51

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

did you do /etc/rc.d/sshd start
????


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#8 2003-02-01 02:13:25

JDawson
Member
Registered: 2003-01-16
Posts: 28

Re: sshd problems

yah, is there a log that i could check to see why it failed?

Offline

#9 2003-02-02 03:53:23

BluPhoenyx
Member
Registered: 2002-12-23
Posts: 239

Re: sshd problems

How do you know the daemon isn't running? Did you try and ssh to the local box? ie, ssh localhost or ssh 'machine.domain' What error resulted.

For those, like me who tend to be a little paranoid about unscheduled external access of my systems, the hint for removing the ALL from hosts.deny is NOT the approved method. This basically leaves your box wide open. For some people this may not be a problem but for others with certain types of Internet access, this is a gaping security hole. The proper method is to add the necessary entries to the /etc/hosts.allow file. You should be able to find very useful info in the man pages hosts_access(5) or tcpd for more generic info.

I'm not at my AL box right now (doing a little tech work on a Win PC and VNC'd to the server) so I can't verify this but IIRC, the standard /var/log/messages file should show something. At the very least, it should show ssh login attempts.


BluPhoenyx

Offline

#10 2003-02-02 23:19:46

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

ok but i got iptables up and runing and its just a ( tip )
in not very paranoid tongue


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#11 2003-02-04 02:41:19

BluPhoenyx
Member
Registered: 2002-12-23
Posts: 239

Re: sshd problems

jlvsimoes wrote:

ok but i got iptables up and runing and its just a ( tip )
in not very paranoid tongue

Yes, but it's not you that you have to worry about. It's those folks who want to trash your system just because it's there. Iptables is a great first line of defense but I hope it's not your only one.

Even my simple 56k ISP connection which may be up for days gets attacked. It does so only because it's available on the net and not because it hides anything valuable. Sure, I could rebuild the OS setup should something happen but, IMHO, it's a violation which I would take personally.

With an ever growing computer population that has fast, global network access, security is not an issue to be taken lightly by anybody. If MS had been more concerned about it, their OS wouldn't be leaking packets all over the internet now.


BluPhoenyx

Offline

#12 2003-02-04 05:58:40

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

hum this is not the place to talk about this kind off stuff , but 1º
yes being secure is ( nice ) , 2º if someone needs to be secure .please secure yourself
3º the post i did is simple and it worked for me im not her to teach no one
just because i think there are tho kind off user those who make and care and develop and those o use . i use and if i got a problem i solve the good way , the bad way .. personaly dont care its solved its good , and again i say . for me but i will make an efort to do things the rigth way , one more thing did you have the exact same error as posted here . i did
thaks in advance and im sorry for mi bad language=EN
not my native language


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#13 2003-02-04 06:07:53

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

before i go here is one possible ( correct way to solve )
/etc/hosts.allow
SSHD: ALL :ALLOW


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#14 2003-02-04 06:13:13

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

and i forget
put again in /etc/hosts.deny
ALL : ALL : ALL


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#15 2003-02-04 10:55:37

ody
Member
From: Manchester, UK
Registered: 2002-08-12
Posts: 216
Website

Re: sshd problems

hrmmm anyway.. as you lot blabber on.. I missed /etc/hosts.allow, I thought I done it but obviously got confused with the amount of boxs Im always logged into.. anyway.. was a simple stupid overlook on my part..

rox on!

Offline

#16 2003-02-04 22:32:00

BluPhoenyx
Member
Registered: 2002-12-23
Posts: 239

Re: sshd problems

jlvsimoes wrote:

hum this is not the place to talk about this kind off stuff , but 1º
yes being secure is ( nice ) , 2º if someone needs to be secure .please secure yourself
3º the post i did is simple and it worked for me im not her to teach no one.....

I was NOT trying to give you a hard time about helping out with tips. Personally, I think this is cool when anyone tries to help. It's just not a good idea to give a tip which is blatantly insecure.

Another thought to consider. Quick fixes are often that, simply quick fixes. Ninety percent of the time these quick fixes lead to other problems which are harder to find. For example, the simple fix of allowing all hosts to access any service on this box would open a whole lot of security issues if this box were connected to certain high speed ISP providers (or even an insecure local network.) Some of these ISP providers have connections which are basically like being on a WAN or large LAN making the system easier to access. This is usually not something that a lot of users would know.

FWIW, you may feel secure in Portugal but there are still countries who openly spy on computer users and especially via networks. For many 'nice' is not an option.

My point is, knowledge is the key to security and security is the issue here. After all, we were talking about Secure Shell originally and Linux in general.

However, please don't take it personally if I tend to be gruff. I don't often explain myself properly and people tend to mistake this for attitude towards them.


BluPhoenyx

Offline

#17 2003-02-05 00:30:03

jlvsimoes
Member
From: portugal
Registered: 2002-12-23
Posts: 392
Website

Re: sshd problems

no  mistake the dude solved is problem
problem solved


-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GU/ d- s: a- C L U P+ L+++ E--- W+
N 0+ K- W-- !O !M V-- PS+ PE- V++ PGP T 5 Z+ R* TV+ B+
DI-- D- G-- e-- h! r++ z+ z*
------END GEEK CODE BLOCK------

Offline

#18 2004-03-28 19:52:57

Malaclypse
Member
Registered: 2004-03-27
Posts: 11

Re: sshd problems

alright, thought i'd just recycle this thread.
just set up sshd on a box; now when i try to log in, even from the very same box, right after i entered the passwd nothing happens any more. i can't even ctrl+c out of it, so i have to switch to another console and kill the daemon.
however, when i try to log in with a windows client and putty, i get:
"server refused to allocate tty".
and that's the only clue i have; any ideas? probably something really dumb, i had my share of dumb mistakes today already smile

malaclypse

Offline

#19 2004-03-28 21:11:10

Xentac
Forum Fellow
From: Victoria, BC
Registered: 2003-01-17
Posts: 1,797
Website

Re: sshd problems

Are you running 2.6 on the server and don't have the devpts line in your fstab?

none                   /dev/pts  devpts    defaults               0      0


I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal

Offline

#20 2004-03-29 08:08:21

Malaclypse
Member
Registered: 2004-03-27
Posts: 11

Re: sshd problems

well, that was just what has been missing all along smile
thanks for the quick reply, i guess i would have been searching for hours to come.

m

Offline

#21 2004-03-31 21:57:43

CSH-9999
Member
Registered: 2004-03-10
Posts: 18

Re: sshd problems

That's just weird. Adding /dev/pts to fstab fixed me also, but ssh was working fine till I upgraded to the latest openssh. Does it require it? I made no other changes, to anything other then that upgrade.  I was pulling my hair out, thanks for the tip smile

C


-----
CSH-9999

Offline

Board footer

Powered by FluxBB