+ Responder ao Tópico



  1. #1

    Padrão ssh_exchange_identification: Connection closed by remote host

    Colegas, estou tentando fazer um ssh de uma máquina qualquer para o meu servidor que eu chamo de nxserver, mas quando eu vou dar um ssh, ele me retorna este erro:

    ssh_exchange_identification: Connection closed by remote host

    seguem alguns dos meus arquivos para análise:

    --- começo de hosts.allow ---

    # hosts.allow This file describes the names of the hosts which are
    # allowed to use the local INET services, as decided by
    # the '/usr/sbin/tcpd' server.
    #
    # Version: @(#)/etc/hosts.allow 1.00 05/28/93
    #
    # Author: Fred N. van Kempen, <[email protected]
    #
    #

    ALL : ALL : ALLOW

    # End of hosts.allow.

    --- final de hosts.allow ---

    --- começo de hosts.deny ---

    #
    # hosts.deny This file describes the names of the hosts which are
    # *not* allowed to use the local INET services, as decided
    # by the '/usr/sbin/tcpd' server.
    #
    # Version: @(#)/etc/hosts.deny 1.00 05/28/93
    #
    # Author: Fred N. van Kempen, <[email protected]
    #
    #

    # End of hosts.deny.

    --- final de hosts.deny ---

    --- começo de /etc/ssh/sshd_config ---

    # $OpenBSD: sshd_config,v 1.72 2005/07/25 11:59:40 markus Exp $

    # This is the sshd server system-wide configuration file. See
    # sshd_config(5) for more information.

    # This sshd was compiled with PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin

    # The strategy used for options in the default sshd_config shipped with
    # OpenSSH is to specify options with their default value where
    # possible, but leave them commented. Uncommented options change a
    # default value.

    #Port 22
    #Protocol 2,1
    #AddressFamily any
    #ListenAddress 0.0.0.0
    #ListenAddress ::

    # HostKey for protocol version 1
    #HostKey /etc/ssh/ssh_host_key
    # HostKeys for protocol version 2
    #HostKey /etc/ssh/ssh_host_rsa_key
    #HostKey /etc/ssh/ssh_host_dsa_key

    # Lifetime and size of ephemeral version 1 server key
    #KeyRegenerationInterval 1h
    #ServerKeyBits 768

    # Logging
    # obsoletes QuietMode and FascistLogging
    #SyslogFacility AUTH
    #LogLevel INFO

    # Authentication:

    #LoginGraceTime 2m
    #PermitRootLogin yes
    #StrictModes yes
    #MaxAuthTries 6

    #RSAAuthentication yes
    #PubkeyAuthentication yes
    #AuthorizedKeysFile .ssh/authorized_keys

    # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
    #RhostsRSAAuthentication no
    # similar for protocol version 2
    #HostbasedAuthentication no
    # Change to yes if you don't trust ~/.ssh/known_hosts for
    # RhostsRSAAuthentication and HostbasedAuthentication
    #IgnoreUserKnownHosts no
    # Don't read the user's ~/.rhosts and ~/.shosts files
    #IgnoreRhosts yes

    # To disable tunneled clear text passwords, change to no here!
    #PasswordAuthentication yes
    #PermitEmptyPasswords no

    # Change to no to disable s/key passwords
    #ChallengeResponseAuthentication yes

    # Kerberos options
    #KerberosAuthentication no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    #KerberosGetAFSToken no

    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes

    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the ChallengeResponseAuthentication mechanism.
    # Depending on your PAM configuration, this may bypass the setting of
    # PasswordAuthentication, PermitEmptyPasswords, and
    # "PermitRootLogin without-password". If you just want the PAM account and
    # session checks to run without PAM authentication, then enable this but set
    # ChallengeResponseAuthentication=no
    #UsePAM no

    #AllowTcpForwarding yes
    #GatewayPorts no
    X11Forwarding yes
    #X11DisplayOffset 10
    #X11UseLocalhost yes
    #PrintMotd yes
    #PrintLastLog yes
    #TCPKeepAlive yes
    #UseLogin no
    #UsePrivilegeSeparation yes
    #PermitUserEnvironment no
    #Compression delayed
    #ClientAliveInterval 0
    #ClientAliveCountMax 3
    #UseDNS yes
    #PidFile /var/run/sshd.pid
    #MaxStartups 10

    # no default banner path
    #Banner /some/path

    # override default of no subsystems
    Subsystem sftp /usr/libexec/sftp-server

    # AllowUsers to login with NX server
    AllowUsers nx looknet

    --- final de /etc/ssh/sshd_config ---

    --- listagem de arquivos em /etc/ssh ---

    root@nxserver:/etc/ssh# ls -laF
    total 176
    drwxr-xr-x 2 root root 4096 2006-11-29 21:30 ./
    drwxr-xr-x 24 root root 4096 2006-11-29 17:30 ../
    -rw-r--r-- 1 root root 132839 2005-09-01 11:46 moduli
    -rw-r--r-- 1 root root 1292 2005-09-01 11:46 ssh_config
    -rw------- 1 root root 1192 2006-11-22 17:06 ssh_host_dsa_key
    -rw-r--r-- 1 root root 1115 2006-11-22 17:06 ssh_host_dsa_key.pub
    -rw------- 1 root root 976 2006-11-22 17:05 ssh_host_key
    -rw-r--r-- 1 root root 640 2006-11-22 17:05 ssh_host_key.pub
    -rw------- 1 root root 1675 2006-11-22 17:06 ssh_host_rsa_key
    -rw-r--r-- 1 root root 395 2006-11-22 17:06 ssh_host_rsa_key.pub
    -rw-r--r-- 1 root root 2944 2006-11-29 21:20 sshd_config

    --- fim da listagem ---

    Estou utilizando Slackware 10.2, kernel 2.4.31

  2. #2
    Under-linux.Org Team Avatar de MarcusMaciel
    Ingresso
    Dec 2000
    Localização
    Boston
    Posts
    1.961
    Posts de Blog
    44

    Padrão

    Essa mensagem geralmente e causada pelo tcpwrapper

    limpe todo conteudo do seu hosts.allow e hosts.deny

    que deve resolver o problema.

    A nao ser e claro que vc esteja usando algo neles..

  3. #3
    Under-linux.Org Team Avatar de MarcusMaciel
    Ingresso
    Dec 2000
    Localização
    Boston
    Posts
    1.961
    Posts de Blog
    44

    Padrão

    outra coisa que vc pode fazer

    e dar um ssh com o parametro -v
    pra ajudar a debugar e descobrir qual pode ser o erro

  4. #4

    Padrão hosts.allow

    Colega,

    Mas no meu arquivo hosts.allow só tem o seguinte parâmetro:

    ALL : ALL : ALLOW

    que foi posta justamente porque eu não conseguia fazer conexões via ssh como o arquivo totalmente em branco, então pesquisando no São Google eu vi que precisava adicionar algo no hosts.allow como "sshd : ALL : ALLOW" ou "ALL : ALL : ALLOW" que era pra permitir os acessos ao host.

    mas respondendo mais diretamente à sua pergunta, não funcionou limpar os arquivos hosts.(allow|deny)

    fico no aguardo de mais alternativas, se você souber de outra coisa que eu possa tentar, agradeço, valeu.

  5. #5
    Under-linux.Org Team Avatar de MarcusMaciel
    Ingresso
    Dec 2000
    Localização
    Boston
    Posts
    1.961
    Posts de Blog
    44

    Padrão

    localmente ssh na propria maquina funciona ?


    vc ja tentou dar um ssh 127.0.0.1

    na maquina que vc nao consegue acessar ?

  6. #6

    Padrão ssh local

    Olá colega, ssh local também não funciona:

    root@nxserver:~/.ssh# ssh 127.0.0.1
    ssh_exchange_identification: Connection closed by remote host

    será que eu poderia tentar algo mais?

  7. #7

  8. #8
    Under-linux.Org Team Avatar de MarcusMaciel
    Ingresso
    Dec 2000
    Localização
    Boston
    Posts
    1.961
    Posts de Blog
    44

    Padrão

    da um ssh -v 127.0.0.1

    e cole tudo aqui

  9. #9

    Padrão ssh -v 127.0.0.1

    Colega, eis a resposta de "ssh -v 127.0.0.1"

    OpenSSH_4.2p1, OpenSSL 0.9.7g 11 Apr 2005
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /root/.ssh/identity type -1
    debug1: identity file /root/.ssh/id_rsa type -1
    debug1: identity file /root/.ssh/id_dsa type -1
    ssh_exchange_identification: Connection closed by remote host


    Obrigado pela força,

    Guilherme