{"id":1925,"date":"2012-07-06T14:22:03","date_gmt":"2012-07-06T18:22:03","guid":{"rendered":"http:\/\/linuxhostingsupport.net\/blog\/?p=1925"},"modified":"2013-03-20T08:38:22","modified_gmt":"2013-03-20T12:38:22","slug":"ssh_exchange_identification-connection-closed-by-remote-host","status":"publish","type":"post","link":"https:\/\/linuxhostingsupport.net\/blog\/ssh_exchange_identification-connection-closed-by-remote-host","title":{"rendered":"ssh_exchange_identification: Connection closed by remote host"},"content":{"rendered":"<p>Many a times when accessing a server via SSH you may end up with &#8220;ssh_exchange_identification: Connection closed by remote host&#8221; error message. For example:<\/p>\n<blockquote>\n<pre><span style=\"color: #0000ff;\"># ssh root@testserver.com<\/span>\r\nssh_exchange_identification: Connection closed by remote host<\/pre>\n<\/blockquote>\n<p>OR may be more descriptive error when you use the verbose mode (-v flag)<\/p>\n<blockquote>\n<pre><span style=\"color: #0000ff;\"># ssh -v root@testserver.com<\/span>\r\n OpenSSH_4.0p1, OpenSSL 0.9.7a Feb 19 2003\r\n debug1: Reading configuration data \/etc\/ssh\/ssh_config\r\n debug1: Applying options for *\r\n debug1: Connecting to testserver.com [1.1.1.1] port 22.\r\n debug1: Connection established.\r\n debug1: permanently_set_uid: 0\/0\r\n debug1: identity file \/root\/.ssh\/identity type -1\r\n debug1: identity file \/root\/.ssh\/id_rsa type -1\r\n debug1: identity file \/root\/.ssh\/id_dsa type 2<\/pre>\n<\/blockquote>\n<p><strong>The &#8216;ssh_exchange_identification&#8217; issue occurs for various reasons<\/strong>. So to fix the issue, check the following:<\/p>\n<p><strong>1)<\/strong> <strong>TCP wrappers<\/strong> i.e. whether ssh is restricted to certain IPs in \/etc\/hosts.allow and \/etc\/hosts.deny. If yes, make sure your local IP is added in the allowed list.<\/p>\n<p>Edit the \/etc\/hosts.allow file and add the following at the top:<\/p>\n<blockquote>\n<pre><span style=\"color: #0000ff;\">sshd : yourlocalip : allow<\/span><\/pre>\n<\/blockquote>\n<p><strong>2)<\/strong> <strong>The \/var\/empty\/sshd folder should be owned by user &#8216;root&#8217;.<\/strong> Sometimes if a new application is installed, it somehow changes the ownership of the \/var\/empty\/sshd directory resulting in &#8216;ssh_exchange_identification&#8217; error message.<\/p>\n<blockquote>\n<pre><span style=\"color: #0000ff;\"># chown root.root \/var\/empty\/sshd -R<\/span><\/pre>\n<\/blockquote>\n<p><strong>3)<\/strong> If the <strong>permission of the private key files are incorrect<\/strong> i.e. if private key files are readable by all, it also results in &#8220;ssh_exchange_identification: Connection closed by remote host&#8221; error.<\/p>\n<p>For example, if any of the private key file &#8220;ssh_host_key, ssh_host_rsa_key or ssh_host_dsa_key&#8221; in \/etc\/ssh directory have 644 permissions, they should be set to 600.<\/p>\n<blockquote>\n<pre><span style=\"color: #0000ff;\"># cd \/etc\/ssh<\/span>\r\n<span style=\"color: #0000ff;\"># chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key<\/span><\/pre>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Many a times when accessing a server via SSH you may end up with &#8220;ssh_exchange_identification: Connection closed by remote host&#8221; error message. For example:<\/p>\n<p># ssh root@testserver.com<br \/>\nssh_exchange_identification: Connection closed by remote host<\/p>\n<p>OR may be more descriptive error when you use the verbose mode (-v flag)<\/p>\n<p># ssh -v root@testserver.com<br \/>\n OpenSSH_4.0p1, OpenSSL 0.9.7a Feb 19 2003<br \/>\n debug1: Reading configuration data \/etc\/ssh\/ssh_config<br \/>\n debug1: Applying options for *<br \/>\n debug1: Connecting to testserver.com [1.1.1.1] port 22.<br \/>\n debug1: Connection established.<br \/>\n debug1: permanently_set_uid: 0\/0<br \/>\n debug1: identity file \/root\/.ssh\/identity type -1<br \/>\n debug1: identity file \/root\/.ssh\/id_rsa type -1<br \/>\n [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[1410,1409,1407,1408],"_links":{"self":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts\/1925"}],"collection":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/comments?post=1925"}],"version-history":[{"count":6,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts\/1925\/revisions"}],"predecessor-version":[{"id":2075,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/posts\/1925\/revisions\/2075"}],"wp:attachment":[{"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/media?parent=1925"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/categories?post=1925"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/linuxhostingsupport.net\/blog\/wp-json\/wp\/v2\/tags?post=1925"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}