connection closed by remote host

From: Frode Nilsen (frodo_at_cyberpunks.no)
Date: 08/09/04

  • Next message: Jonathan Loh: "Re: connection timeout"
    To: secureshell@securityfocus.com
    Date: Mon, 09 Aug 2004 12:47:35 +0200
    
    

    hi,

    I have a little problem with one of my servers; the server is FC1, using
    LDAP for user information, and Kerberos for user authentication, and
    OpenAFS for distributed filesystem. And all packages are of the latest
    stable release.

    The problem occured for the first time 2 weeks ago; the problem shows
    itself when I try ssh'ing with a user from the ldap/kerberos-database,
    and I get a "connection closed by remote host"-message. When I try to
    ssh into my server with a user from the local passwd file, I have no
    problems.

    Using "ssh -vv" I get this after password input:

    debug2: we sent a password packet, wait for reply
    debug1: Authentication succeeded (password).
    debug1: channel 0: new [client-session]
    debug2: channel 0: send open
    debug1: Entering interactive session.
    debug2: callback start
    debug2: ssh_session2_setup: id 0
    debug1: channel 0: request pty-req
    debug2: x11_get_proto: /usr/X11R6/bin/xauth list :0.0 2>/dev/null
    debug1: Requesting X11 forwarding with authentication spoofing.
    debug1: channel 0: request x11-req
    debug1: channel 0: request shell
    debug2: callback done
    debug1: channel 0: open confirm rwindow 0 rmax 32768
    debug1: channel_free: channel 0: client-session, nchannels 1
    Connection to ************* closed by remote host.
    Connection to ************* closed.
    debug1: Transferred: stdin 0, stdout 0, stderr 89 bytes in 0.6 seconds
    debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 137.0
    debug1: Exit status -1

    In the "/var/log/messages"-file, it says:

    Aug 3 03:28:29 oliven sshd(pam_unix)[1573]: check pass; user unknown
    Aug 3 03:28:29 oliven sshd(pam_unix)[1573]: authentication failure;
    logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=******.cm.chello.no
    Aug 3 03:28:29 oliven sshd[1573]: pam_krb5[1573]: authentication
    succeeds for '********' (***************)
    Aug 3 03:28:29 oliven sshd(pam_unix)[1575]: session opened for user
    ******** by (uid=1000)

    So far as I understand the debugging and the log, the authentication
    part succeeds, and after that the connection just closes. So I don't
    think it is kerberos or ldap that's the problem (mostly because the
    kerberos/ldap configuration has worked nicely for 2 months before this
    problem occured), but more likely it has something to do with ssh and
    pam, but I'm not able to figure this one out by myself.

    Regards, Frode


  • Next message: Jonathan Loh: "Re: connection timeout"

    Relevant Pages

    • RE: Problem: passwordless SSH-login with Kerberos doesnt work
      ... Are you attempting Kerberos based password authentication or single sign on? ... debug1: Connection established. ... debug2: fd 3 setting O_NONBLOCK ...
      (comp.protocols.kerberos)
    • ssh - connection closed by remote host
      ... debug1: Authentication succeeded. ... debug1: channel 0: new ... think it is kerberos or ldap that's the problem (mostly because the ...
      (Fedora)
    • Re: X11 connection rejected
      ... are you calling a suid program which calls ... > 'X11 connection rejected because of wrong authentication' error. ... > debug1: fd 8 setting TCP_NODELAY ... > debug1: channel 1: read failed ...
      (comp.security.ssh)
    • firefox of ssh x11
      ... with X11 forwarding. ... debug1: Reading configuration data /etc/ssh/ssh_config ... Rhosts Authentication disabled, originating port will not be trusted. ... debug1: channel 0: new ...
      (comp.os.linux.misc)
    • rsa authentication working in RH 7.2 but not RH 9.0
      ... I could ssh to my Linux box running RH 7.2 with rsa keys and no ... password authentication. ... debug1: Rhosts Authentication disabled, ... # Kerberos TGT Passing only works with the AFS kaserver ...
      (comp.security.ssh)