ssh_exchange_identification issue

Discussion related to network/web services such as Apache, BIND Sendmail, etc.

ssh_exchange_identification issue

Postby CanOfBees » 30 Sep 2013, 23:29

Hi all,

I've posted to the PC-BSD forums but haven't heard anything yet [1]. I know there could be some differences, but there's significantly higher traffic here and I'm hoping someone will be able to shed some light on my problem.

I'm using 9.2;
Code: Select all
> uname -a
FreeBSD rook 9.2-RELEASE-p7 FreeBSD 9.2-RELEASE-p7 #0: Wed Sep 11 15:02:50 UTC 2013     root@amd64-builder.pcbsd.org:/usr/obj/usr/src/sys/GENERIC  amd64


When I'm in my office and connected to our network via ethernet ([FILE]em0[/FILE]) I am unable to [CMD]ssh[/CMD] into my workstation from my laptop. I get the following error:

Code: Select all
> ssh workstation.at.the.office
ssh_exchange_identification: Connection closed by remote host


I'm able to [CMD]ssh[/CMD] into every other machine that I typically access. I've checked the [FILE]/etc/hosts.allow[/FILE] and [FILE]/etc/hosts.deniedssh[/FILE], but as far as I can tell everything looks normal. [FILE]/etc/hosts.allow[/FILE] has the following:
Code: Select all
sshd : /etc/hosts.deniedssh : deny
sshd : ALL : allow

and [FILE]/etc/hosts.deniedssh[/FILE] is empty.

The crowning weirdness is that if I unplug the ethernet cable and use the wireless network, I can [CMD]ssh[/CMD] into my workstation without problems (except for the horribly slow network). I have [file]lagg0[/file] enabled, so maybe the problem is there but I'm not sure.

I've attached the output of [CMD]ifconfig[/CMD] [2]. Please let me know if there's anything else I can provide to help clear this up. Thanks in advance for your time and trouble.

[1] http://forums.pcbsd.org/showthread.php?p=109758#post109758
[2] [CMD]ifconfig[/CMD]
Code: Select all
> ifconfig
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   options=4219b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_MAGIC,VLAN_HWTSO>
   ether 00:1d:72:98:56:41
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: Ethernet autoselect (100baseTX <full-duplex>)
   status: active
iwn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 2290
   ether 00:1d:72:98:56:41
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: IEEE 802.11 Wireless Ethernet autoselect mode 11ng
   status: associated
ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
   nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
   options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
   inet6 ::1 prefixlen 128
   inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa
   inet 127.0.0.1 netmask 0xff000000
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   ether 00:1d:72:98:56:41
   inet6 fe80::21d:72ff:fe98:5641%lagg0 prefixlen 64 scopeid 0xb
   inet 160.36.193.175 netmask 0xfffffc00 broadcast 160.36.195.255
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: Ethernet autoselect
   status: active
   laggproto failover lagghash l2,l3,l4
   laggport: wlan0 flags=0<>
   laggport: em0 flags=5<MASTER,ACTIVE>
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
   ether 00:1d:72:98:56:41
   inet6 fe80::21d:72ff:fe98:5641%wlan0 prefixlen 64 scopeid 0xc
   nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
   media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11ng
   status: associated
   ssid office-open channel 11 (2462 MHz 11g ht/20) bssid 6c:f3:7f:ad:ea:61
   country US authmode OPEN privacy OFF txpower 14 bmiss 10
   scanvalid 450 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7
   roam:rate 64 protmode CTS ampdulimit 64k ampdudensity 8
   -amsdutx amsdurx shortgi wme roaming MANUAL
CanOfBees
Junior Member
 
Posts: 44
Joined: 02 Mar 2010, 18:08

Postby SirDice » 01 Oct 2013, 16:21

Are there any [FILE]Match Address[/FILE] entries in the hosts [file]/etc/ssh/sshd_config[/file]?
Senior UNIX Engineer at Unix Support Nederland
Experience is something you don't get until just after you need it.
User avatar
SirDice
Old Fart
 
Posts: 16161
Joined: 17 Nov 2008, 16:50
Location: Rotterdam, Netherlands

Postby CanOfBees » 01 Oct 2013, 17:40

[user]SirDice[/user],

I'm not seeing any.
[CMD]# cat /etc/ssh/sshd_config | grep Match[/CMD]
Code: Select all
#Match User anoncvs


It's the same on both machines.
Thanks!
CanOfBees
Junior Member
 
Posts: 44
Joined: 02 Mar 2010, 18:08


Return to Web & Network Services

Who is online

Users browsing this forum: No registered users and 1 guest