Re: Connection closed by [IP] port [port] [preauth]
On Wed, Feb 26, 2020 at 08:49:28AM +0100, Klaus Singvogel wrote: > deloptes wrote: > > +1 :( and I am not using standard port 22, so they scanned all 3 ports > > and found out what is open (well filtered) and now are trying to do brute > > force on SSH. Others are trying to exploit apache/php & Co. > > I'm using portsentry against this: > https://packages.debian.org/buster/portsentry > > Let it sniff on some unused ports, like 445, 69, 8181, 5353, or 22. :-) > > https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers > > But beware to have a whitelisted IP address active. I locked myslef out, > after switching to a different computer, like fresh a installed Linux. :-) "fwknop" is another tool to consider if you don't like getting scanned. Regards, Didar > > Regards, > Klaus. > -- > Klaus Singvogel > GnuPG-Key-ID: 1024R/5068792D 1994-06-27 > -- Basic Definitions of Science: If it's green or wiggles, it's biology. If it stinks, it's chemistry. If it doesn't work, it's physics.
Re: Connection closed by [IP] port [port] [preauth]
deloptes wrote: > +1 :( and I am not using standard port 22, so they scanned all 3 ports > and found out what is open (well filtered) and now are trying to do brute > force on SSH. Others are trying to exploit apache/php & Co. I'm using portsentry against this: https://packages.debian.org/buster/portsentry Let it sniff on some unused ports, like 445, 69, 8181, 5353, or 22. :-) https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers But beware to have a whitelisted IP address active. I locked myslef out, after switching to a different computer, like fresh a installed Linux. :-) Regards, Klaus. -- Klaus Singvogel GnuPG-Key-ID: 1024R/5068792D 1994-06-27
Re: Connection closed by [IP] port [port] [preauth]
Tixy wrote: >> Since February 11th at 00:25:09, I am getting the following every 12 >> secondes: >> >> Feb 11 00:25:09 box sshd[17733]: Connection closed by 118.126.105.120 >> port 54422 [preauth] > > I'm getting that too. +1 :( and I am not using standard port 22, so they scanned all 3 ports and found out what is open (well filtered) and now are trying to do brute force on SSH. Others are trying to exploit apache/php & Co.
Re: Connection closed by [IP] port [port] [preauth]
Le 24-02-2020, à 15:51:53 -0500, Dan Ritter a écrit : steve wrote: Hi there, Since February 11th at 00:25:09, I am getting the following every 12 secondes: Feb 11 00:25:09 box sshd[17733]: Connection closed by 118.126.105.120 port 54422 [preauth] And when I say every 12 seconds, it is really every 12 seconds, and this is now going on for more than 13 days, without any interruption. At the beginning, I thought that this was just standards nmap scans or something similar and so didn't bother taking any action. But now I'm asking myself who (in China) would be so stupid to continue this scanning. What should I do? Send an email to the abuse contact? Ignore it and wait that it's over? It doesn't seem naughty but it's getting irritating. sudo apt install iptables-persistent sudo iptables -A INPUT -s 118.126.105.120 -j DROP sudo netfilter-persistent save Clean logs, thanks :) Funny, right after issuing these commands, new IP started scanning my system. Re-issued the commands and the problem was solved. Thanks a lot. S
Re: Connection closed by [IP] port [port] [preauth]
On Mon, 2020-02-24 at 21:38 +0100, steve wrote: > Hi there, > > Since February 11th at 00:25:09, I am getting the following every 12 > secondes: > > Feb 11 00:25:09 box sshd[17733]: Connection closed by 118.126.105.120 port > 54422 [preauth] I'm getting that too. > And when I say every 12 seconds, it is really every 12 seconds, and this > is now going on for more than 13 days, without any interruption. At the > beginning, I thought that this was just standards nmap scans or > something similar and so didn't bother taking any action. But now I'm > asking myself who (in China) would be so stupid to continue this > scanning. The bot is possibly try to trigger some vulnerability, which we can expect is a known one and fixed in Debian. > What should I do? Send an email to the abuse contact? Ignore it and wait > that it's over? It doesn't seem naughty but it's getting irritating. You've already had the same suggestions I'd give. I run fail2ban on all internet facing systems, which will block IP addresses which are repeatedly trying and failing things like password logins to sshd. Unfortunately, simple connection drops like these aren't covered by the built-in rules. There may be ways of adding custom rules, but I've just taken to manually adding IP addresses to a blacklist with iptables. (To avoid their irritation in the logs rather than fear that the bots will be able to do anything nasty.) -- Tixy
Re: Connection closed by [IP] port [port] [preauth]
On 2/24/2020 9:38 PM, steve wrote: > Hi there, > > Since February 11th at 00:25:09, I am getting the following every 12 > secondes: > > Feb 11 00:25:09 box sshd[17733]: Connection closed by 118.126.105.120 > port 54422 [preauth] > > And when I say every 12 seconds, it is really every 12 seconds, and this > is now going on for more than 13 days, without any interruption. At the > beginning, I thought that this was just standards nmap scans or > something similar and so didn't bother taking any action. But now I'm > asking myself who (in China) would be so stupid to continue this > scanning. > > What should I do? Send an email to the abuse contact? Ignore it and wait > that it's over? It doesn't seem naughty but it's getting irritating. > Find a way to block/ban this address, fail2ban, firewall and to some extend sshd_config. -- John Doe
Re: Connection closed by [IP] port [port] [preauth]
steve wrote: > Hi there, > > Since February 11th at 00:25:09, I am getting the following every 12 > secondes: > > Feb 11 00:25:09 box sshd[17733]: Connection closed by 118.126.105.120 port > 54422 [preauth] > > And when I say every 12 seconds, it is really every 12 seconds, and this > is now going on for more than 13 days, without any interruption. At the > beginning, I thought that this was just standards nmap scans or > something similar and so didn't bother taking any action. But now I'm > asking myself who (in China) would be so stupid to continue this > scanning. > > What should I do? Send an email to the abuse contact? Ignore it and wait > that it's over? It doesn't seem naughty but it's getting irritating. sudo apt install iptables-persistent sudo iptables -A INPUT -s 118.126.105.120 -j DROP sudo netfilter-persistent save If you want rules inserted automatically and removed after a time, install fail2ban. -dsr-
Connection closed by [IP] port [port] [preauth]
Hi there, Since February 11th at 00:25:09, I am getting the following every 12 secondes: Feb 11 00:25:09 box sshd[17733]: Connection closed by 118.126.105.120 port 54422 [preauth] And when I say every 12 seconds, it is really every 12 seconds, and this is now going on for more than 13 days, without any interruption. At the beginning, I thought that this was just standards nmap scans or something similar and so didn't bother taking any action. But now I'm asking myself who (in China) would be so stupid to continue this scanning. What should I do? Send an email to the abuse contact? Ignore it and wait that it's over? It doesn't seem naughty but it's getting irritating. Thanks S
Re: (ssh) Connection closed by
Could be your ssh client proposing ciphers the SSH server doesn't understand. This was known issue with communication of ssh client 5+ to ssh server 4.x and older. Give it a try and let us know. http://www.held.org.il/blog/2011/05/the-myterious-case-of-broken-ssh-client-connection-reset-by-peer/ On Mon, Mar 30, 2015 at 2:33 PM, Pol Hallen de...@fuckaround.org wrote: hey all :-) unfortunately I don't have access to ssh server, I can only see: Platform: i586-pc-linux-gnu Compiled with: liblua-5.2.3 openssl-1.0.1k libpcre-8.35 libpcap-1.6.2 nmap-libdnet-1.12 ipv6 Compiled without: Available nsock engines: epoll poll select ssh -vvvl user ip debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup hmac-sha1 debug1: kex: server-client 3des-cbc hmac-sha1 none debug2: mac_setup: setup hmac-sha1 debug1: kex: client-server 3des-cbc hmac-sha1 none debug2: bits set: 502/1024 debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY Connection closed by IP any idea to solve? Thanks! Pol -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/551942a6.6080...@fuckaround.org
(ssh) Connection closed by
hey all :-) unfortunately I don't have access to ssh server, I can only see: Platform: i586-pc-linux-gnu Compiled with: liblua-5.2.3 openssl-1.0.1k libpcre-8.35 libpcap-1.6.2 nmap-libdnet-1.12 ipv6 Compiled without: Available nsock engines: epoll poll select ssh -vvvl user ip debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: setup hmac-sha1 debug1: kex: server-client 3des-cbc hmac-sha1 none debug2: mac_setup: setup hmac-sha1 debug1: kex: client-server 3des-cbc hmac-sha1 none debug2: bits set: 502/1024 debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY Connection closed by IP any idea to solve? Thanks! Pol -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/551942a6.6080...@fuckaround.org
Ajuda urgente com erro SSH (ssh_exchange_identification: Connection closed by remote host)
Pessoal, Estou com seguinte problema no meu servidor SSH, ao tentar realizar conexão remota ou local para o mesmo retorna a seguinte mensagem de erro. [EMAIL PROTECTED] ~]$ scp teste.txt 127.0.0.1:/home/tiago/ ssh_exchange_identification: Connection closed by remote host lost connection [EMAIL PROTECTED] ~]$ OBS.: O erro esta acontecendo apenas com SCP. Tenho um servidor SSH que recebe praticamento 60 conexões por minuto, e o mesmo esta retornando o erro apenas para as conexões SCP. Preciso tentar vários vezes para ele aceitar uma conexão. O problema é que trabalho com conexões automáticas (jobs), e esta esta me trazendo uma grande problema. Alguém pode me ajudar a resolver? PS: Sei que e lista é Debian, mas estou utilizando: Red Hat Enterprise Linux ES release 4 (Nahant Update 4) OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 Att, -- Tiago Dias da Silva Administrador de Sistemas GNU/Linux HomePage: www.dias.eti.br Email: [EMAIL PROTECTED] A mente que se abre a uma nova idéia jamais voltará ao seu tamanho original (Albert Einstein)
Re: Ajuda urgente com erro SSH (ssh_exchange_identification: Connection closed by remote host)
Ola, Vejo que o Sr. Cometeu ao menos três infrações. :) Fez cross-posting. Problema e com uma outra distribuição. E não verificou o Log do servidor remoto. 2008/11/5 Tiago Dias [EMAIL PROTECTED]: Pessoal, Estou com seguinte problema no meu servidor SSH, ao tentar realizar conexão remota ou local para o mesmo retorna a seguinte mensagem de erro. [EMAIL PROTECTED] ~]$ scp teste.txt 127.0.0.1:/home/tiago/ ssh_exchange_identification: Connection closed by remote host lost connection Verifique no log (syslog) do servidor o motivo de ter fechado a conexão. Sem essa informação, podemos somente especular os motivos. Red Hat Enterprise Linux ES release 4 (Nahant Update 4) OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 Deveria ter se reportado a uma lista de discussão dessa distribuição, ou melhor, ter entrado em contato com o suporte técnico (afinal, pagou por isso). -- Paulino Kenji Sato http://www.nobel.com.br -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [SOLVED] Re: ssh_exchange_identification: Connection closed by remote host
On Tue, 10 Jan 2006 22:50:00 +0100, Tobias Krais [EMAIL PROTECTED] wrote: Kind mit dem Bade ausgeschüttet. In /etc/hosts.allow ssh für die entsprechenden Source-IPs erlauben. Wenn die Souce-IP dynamisch ist, Pech gehabt, ssh: 0.0.0.0/0.0.0.0 eintragen. Juhu! Es hat funktioniert. Fein. Einfach ein Eintrag in die /etc/hosts.allow. Aber mal eine grundsätzliche Frage: wie sind solche Einträge aufgebaut: Das steht in man 5 hosts_access. Grüße Marc -- -- !! No courtesy copies, please !! - Marc Haber |Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG Rightful Heir | Fon: *49 621 72739834
Re: [SOLVED] Re: ssh_exchange_identification: Connection closed by remote host
Hi Marc, Einfach ein Eintrag in die /etc/hosts.allow. Aber mal eine grundsätzliche Frage: wie sind solche Einträge aufgebaut: Das steht in man 5 hosts_access. OK. Den habe ich gesucht. Also dass muss so aussehen: Deamonname... bei ssh z.B. sshd: ALL : ALLOW Danke, Tobi -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
Re: ssh_exchange_identification: Connection closed by remote host
On Mon, 9 Jan 2006 19:26:05 +0100, Marc Deichmann [EMAIL PROTECTED] wrote: Leider nicht definitiv. Es kann noch wesentlich mehr sein. Ein ssh -vvv hilft da meistens. Es kann zum Beispiel auch ein Schlüsselaustausch stattgefunden haben und der Client hat seinen Schlüssel geändert. Welcher Client hat welchen Schlüssel geändert? In jahrelanger Praxis ist mir ssh_exchange_identification: Connection closed by remote host nur bei Deny durch tcp-wrappers oder ein schiefgegangenes ProxyCommand untergekommen. Grüße Marc -- -- !! No courtesy copies, please !! - Marc Haber |Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG Rightful Heir | Fon: *49 621 72739834
[SOLVED] Re: ssh_exchange_identification: Connection closed by remote host
Hi Zusammen, Kind mit dem Bade ausgeschüttet. In /etc/hosts.allow ssh für die entsprechenden Source-IPs erlauben. Wenn die Souce-IP dynamisch ist, Pech gehabt, ssh: 0.0.0.0/0.0.0.0 eintragen. Juhu! Es hat funktioniert. Einfach ein Eintrag in die /etc/hosts.allow. Aber mal eine grundsätzliche Frage: wie sind solche Einträge aufgebaut: Application: Netzwerk/Netzmaske? Oder kann ich für die Applikation auch einen Port nehmen? Grüssle, Tobi -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
Re: ssh_exchange_identification: Connection closed by remote host
On Sunday 08 January 2006 20:56, Marc Haber wrote: On Sat, 07 Jan 2006 22:39:21 +0100, Tim Boneko [EMAIL PROTECTED] wrote: Tobias Krais schrieb: -%- ssh_exchange_identification: Connection closed by remote host -%- Ich habe gelesen, dass das an meiner /etc/hosts... liegen könnte. Wäre jedenfalls das nahe Liegende. Ja, ist es definitiv. An dieser Fehlermeldung habe ich mehrmals Ewigkeiten herumgedebugged. Inzwischen hab ich aber endlich im Hirn, was der Nummer-Eins-Grund für diese Meldung ist. Leider nicht definitiv. Es kann noch wesentlich mehr sein. Ein ssh -vvv hilft da meistens. Es kann zum Beispiel auch ein Schlüsselaustausch stattgefunden haben und der Client hat seinen Schlüssel geändert. Gruß, mad -- The bug starts here.
Re: ssh_exchange_identification: Connection closed by remote host
On Sat, 07 Jan 2006 22:39:21 +0100, Tim Boneko [EMAIL PROTECTED] wrote: Tobias Krais schrieb: -%- ssh_exchange_identification: Connection closed by remote host -%- Ich habe gelesen, dass das an meiner /etc/hosts... liegen könnte. Wäre jedenfalls das nahe Liegende. Ja, ist es definitiv. An dieser Fehlermeldung habe ich mehrmals Ewigkeiten herumgedebugged. Inzwischen hab ich aber endlich im Hirn, was der Nummer-Eins-Grund für diese Meldung ist. Kommentier mal in hosts.deny alles aus, dann sollte die Fehlerquelle ausgeschaltet sein. Kind mit dem Bade ausgeschüttet. In /etc/hosts.allow ssh für die entsprechenden Source-IPs erlauben. Wenn die Souce-IP dynamisch ist, Pech gehabt, ssh: 0.0.0.0/0.0.0.0 eintragen. Schau auch, ob in der Firewall Port 22 UDP geöffnet ist! WOZU UM GOTTES WILLEN DAS DENN? Grüße Marc -- -- !! No courtesy copies, please !! - Marc Haber |Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom | http://www.zugschlus.de/ Nordisch by Nature | Lt. Worf, TNG Rightful Heir | Fon: *49 621 72739834
Re: ssh_exchange_identification: Connection closed by remote host
Hi Marc, also dann werde ich am Mittwoch mal das ausprobieren und hoffe, dass ich das letzte mal physisch an den Server muss... Ich schreib dann, ob ich Erfolg hatte. Vielen Dank für eure Hilfe, Grüßle, Tobi Marc Haber schrieb: On Sat, 07 Jan 2006 22:39:21 +0100, Tim Boneko [EMAIL PROTECTED] wrote: Tobias Krais schrieb: -%- ssh_exchange_identification: Connection closed by remote host -%- Ich habe gelesen, dass das an meiner /etc/hosts... liegen könnte. Wäre jedenfalls das nahe Liegende. Ja, ist es definitiv. An dieser Fehlermeldung habe ich mehrmals Ewigkeiten herumgedebugged. Inzwischen hab ich aber endlich im Hirn, was der Nummer-Eins-Grund für diese Meldung ist. Kommentier mal in hosts.deny alles aus, dann sollte die Fehlerquelle ausgeschaltet sein. Kind mit dem Bade ausgeschüttet. In /etc/hosts.allow ssh für die entsprechenden Source-IPs erlauben. Wenn die Souce-IP dynamisch ist, Pech gehabt, ssh: 0.0.0.0/0.0.0.0 eintragen. Schau auch, ob in der Firewall Port 22 UDP geöffnet ist! WOZU UM GOTTES WILLEN DAS DENN? Grüße Marc -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
ssh_exchange_identification: Connection closed by remote host
Hallo zusammen, vor kurzem hatte ich ein Problem mit meiner Firewall und ich bekam keinen ssh-connect. Das Problem ist behoben, aber jetzt kommt das Nächste. Wenn ich versuche eine ssh-session aus dem Internet zu starten kommt (im lokalen Netz funktioniert es): -%- ssh_exchange_identification: Connection closed by remote host -%- Ich habe gelesen, dass das an meiner /etc/hosts... liegen könnte. Leider habe ich jetzt keinen Zugriff auf diese Maschine. Deshalb will ich, bevor ich die Kilometer ins Büro zurücklege um zu schauen woran es liegt, lieber noch mal euch fragen, ob es auch noch an etwas anderem liegen kann. Sonst fahr ich evt. zum x-ten man umsonst hin. Grüssle, Tobias -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
Re: ssh_exchange_identification: Connection closed by remote host
Hi Tobias, Tobias Krais schrieb: -%- ssh_exchange_identification: Connection closed by remote host -%- Ich habe gelesen, dass das an meiner /etc/hosts... liegen könnte. Wäre jedenfalls das nahe Liegende. Kommentier mal in hosts.deny alles aus, dann sollte die Fehlerquelle ausgeschaltet sein. Schau auch, ob in der Firewall Port 22 UDP geöffnet ist! Andere Möglichkeiten fallen mir gerade nicht ein. Hth, timbo -- Haeufig gestellte Fragen und Antworten (FAQ): http://www.de.debian.org/debian-user-german-FAQ/ Zum AUSTRAGEN schicken Sie eine Mail an [EMAIL PROTECTED] mit dem Subject unsubscribe. Probleme? Mail an [EMAIL PROTECTED] (engl)
ssh_exchange_identifaction: Connection closed by remote host
Hola hace unos dias instale un servidor woody en Talca, yo estoy en Chillan, todo iva bien pues yo lo administraba remotamente mediante ssh, su IP es dinamica, para ello le instale un cliente (ddclient) que me refresca la IP en DynDns.org, todo bien, pero un buen dia alguien quiso hacer un poco de orden en Talca, apagaron el modem, etc, desde entonces cada vez que me intento conectar me tira el siguiente mensaje: $ ssh [EMAIL PROTECTED] ssh_exchange_identification: Conecction closed by remote host $ Bien adjunto lo que me tira al hacer ssh -v [EMAIL PROTECTED]:~$ ssh -v [EMAIL PROTECTED] OpenSSH_3.4p1 Debian 1:3.4p1-1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f debug1: Reading configuration data /etc/ssh/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to talca.algo.cl [200.113.xxx.x] port 22. debug1: Connection established. debug1: identity file /home/operador/.ssh/identity type -1 debug1: identity file /home/operador/.ssh/id_rsa type -1 debug1: identity file /home/operador/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host debug1: Calling cleanup 0x8063a9c(0x0) [EMAIL PROTECTED]:~$ Como lo puedo solucionar, en hosts.allow del servidor de talca tengo: sshd: ALL y en hosts.deny ALL: PARANOID ALL: ALL y como dije todo funcionaba bien aunque el ISP me cambiara la IP en Talca, ademas esta configuracion la tengo asi en varias ciudades y funciona bien, pero mi drama es con el host de Talca. Fernando Villarroel N. __ Renovamos el Correo Yahoo! Nuevos servicios, más seguridad http://correo.yahoo.es -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh connection closed
on Tue, Apr 13, 2004 at 04:42:40PM +0200, Vincent Lefevre ([EMAIL PROTECTED]) wrote: Could someone explain the following behavior, i.e. the fact that the ssh connection closes after 10 minutes? Until yesterday, I didn't have any problem (but my machine ay isn't connected by the same ADSL account). TIA. Could be you've got an intermediate router that's dropping you, possibly after ten minutes' idle time. I'd added the following line to /etc/init.d/networking: networking: # set keepalives to 5 minutes rather than 3 hours networking: echo 300 /proc/sys/net/ipv4/tcp_keepalive_time ...to counter a similar problem. If you're dealing with a *hard* session timeout of 10 minutes, I'd advise you to learn to love screen. Peace. -- Karsten M. Self [EMAIL PROTECTED]http://kmself.home.netcom.com/ What Part of Gestalt don't you understand? Ever wonder why they call them call centers and not help centers? - David Zeit signature.asc Description: Digital signature
Re: ssh connection closed
On 2004-04-16 01:26:52 -0700, Karsten M. Self wrote: Could be you've got an intermediate router that's dropping you, possibly after ten minutes' idle time. If this is possible, then it could probably be the case, since the problems appeared after moving to a different ADSL connection (using a different ADSL router) -- but last time such a problem appeared with this router, this was just a coincidence. I'd added the following line to /etc/init.d/networking: networking: # set keepalives to 5 minutes rather than 3 hours networking: echo 300 /proc/sys/net/ipv4/tcp_keepalive_time ...to counter a similar problem. But the problem with keepalive is that the ssh connection is dropped after an ADSL reconnection (every 24 hours). That's why I disabled it several months ago (though it didn't always work). If you're dealing with a *hard* session timeout of 10 minutes, I'd advise you to learn to love screen. Yes, I already use it, but these closed connections are still annoying. -- Vincent Lefèvre [EMAIL PROTECTED] - Web: http://www.vinc17.org/ 100% validated (X)HTML - Acorn / RISC OS / ARM, free software, YP17, Championnat International des Jeux Mathématiques et Logiques, etc. Work: CR INRIA - computer arithmetic / SPACES project at LORIA -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
ssh connection closed
Could someone explain the following behavior, i.e. the fact that the ssh connection closes after 10 minutes? Until yesterday, I didn't have any problem (but my machine ay isn't connected by the same ADSL account). TIA. ay:~ ssh -vvv loria OpenSSH_3.8p1 Debian 1:3.8p1-2, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004 debug1: Reading configuration data /home/lefevre/.ssh/config debug1: /home/lefevre/.ssh/config line 3: Deprecated option FallBackToRsh debug1: Applying options for loria debug1: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug2: ssh_connect: needpriv 0 debug1: Connecting to loria.loria.fr [152.81.144.13] port 22. debug1: Connection established. debug1: identity file /home/lefevre/.ssh/identity type 0 debug3: Not a RSA1 key file /home/lefevre/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-END' debug3: key_read: missing keytype debug1: identity file /home/lefevre/.ssh/id_rsa type 1 debug1: identity file /home/lefevre/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.7.1p2 debug1: match: OpenSSH_3.7.1p2 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.8p1 Debian 1:3.8p1-2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server-client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 122/256 debug2: bits set: 529/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /home/lefevre/.ssh/known_hosts debug3: check_host_in_hostfile: match line 14 debug3: check_host_in_hostfile: filename /home/lefevre/.ssh/known_hosts debug3: check_host_in_hostfile: match line 14 debug1: Host 'loria.loria.fr' is known and matches the RSA host key. debug1: Found key in /home/lefevre/.ssh/known_hosts:14 debug2: bits set: 532/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key:
connection closed by foreign host can't telnet or pop a foreign server
I can reach it on the web. It can be reached by telnet and pop from another machine (an ibook). My firewall (guarddog) allows telnet. Other servers can be telneted into and popped. The server I can't reach is a polaris. I'm new to dsl and have a new box and I'm rather ignorant of Debian and tcp/ip stuff. I've fiddled with hosts-allow and host-deny to no avail. Any suggestions? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host
On Thu, Feb 20, 2003 at 04:28:48PM +0100, Andrzej Dalasinski wrote: Dnia Thu, Feb 20, 2003 at 01:31:36PM +0100 Michal Niezbecki napisał/a: obstawiam ze zmienil ci sie/brakuje rev-dns i wpis w host.deny ALL:PARANOID odrzuca polaczenie dopisz na zdalnej maszynce do host.allow ipka z ktorego sie logujesz i to co zwraca $host ten_ip it ujest chyba pies pogrzebany :)) host ten_ip zwraca nazwe dnsowa, ale juz ping nazwa.dnsowa nie dziala - znaczy skonfigurowali mi tylko odwrotny dns :( Witam ponownie, Ja mialem rev'a - a opisana sytuacja (tzn to, ze serwer odrzucal polaczenie) pojawiala sie losowo (30-40% przypadkow logowan); EOT -- Pozdrawiam CZERW = Remember, information is not knowledge, knowledge is not wisdom, wisdom is not truth, truth is not beauty, beauty is not love, love is not music, music is the best. Frank Zappa
Re: ssh_exchange_identification: Connection closed by remote host
Ja mialem rev'a - a opisana sytuacja (tzn to, ze serwer odrzucal polaczenie) pojawiala sie losowo (30-40% przypadkow logowan); EOT Moze w tych przypadkach akurat Twoj rev przestawal istniec ;-) -- Pozdrawiam, Radosław 'Warden' Antoniuk | GG: 260746 ICQ:55423024 warden(at)debian.black.pl | #lgul #debian.pl #lms
ssh_exchange_identification: Connection closed by remote host
spotkal sie ktos kiedys z takim komunikatem? goglalem chwile, ale nie znalazlem nic co by odpowiadalo mojej sytuacji: jest tak: ssh z serwera firmy na 4 znane mi serwery nie dziala i pojawia sie blad jak w temacie (solaris i trzy debiany) na piaty serwer -solaris smiga... zza maskarady ktora robi ow firmowy serwer nie da sie rowniez polaczyc na podane serwery... googlam dalej, ale gdyby ktos cos wiedzial to sprawa jest dosc pilna... pzdr yanek -- Andrzej Dalasiński | We are Microsoft. http://www.ocelotl.eu.org | What you are experiencing JID:[EMAIL PROTECTED] | is not a problem; ICQ:149147731 GG:2327061| it is an undocumented feature. pgpDDrhx9BO1F.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host
Dnia Thu, Feb 20, 2003 at 08:57:37AM +0100, Andrzej Dalasinski napisa(a): zza maskarady ktora robi ow firmowy serwer nie da sie rowniez polaczyc na podane serwery... googlam dalej, ale gdyby ktos cos wiedzial to sprawa jest dosc pilna... a co masz w /etc/hosts.allow i /etc/hosts.deny ?? Przypadkiem nie blokujesz tam dostepu do ssh z okreslonych ipkow ? Pozdrawiam... -- Voder pgpgcNNV0Iyxg.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host
On Thu, 20 Feb 2003, Andrzej Dalasinski wrote: spotkal sie ktos kiedys z takim komunikatem? goglalem chwile, ale nie znalazlem nic co by odpowiadalo mojej sytuacji: jest tak: ssh z serwera firmy na 4 znane mi serwery nie dziala i pojawia sie blad jak w temacie (solaris i trzy debiany) na piaty serwer -solaris smiga... zza maskarady ktora robi ow firmowy serwer nie da sie rowniez polaczyc na podane serwery... googlam dalej, ale gdyby ktos cos wiedzial to sprawa jest dosc pilna... ja tak mialem z debianem (lub frbsd, nie pamietam) i nie mam pojacie cio to bylo, ale samo przeszlo... zalogowalem sie z innej masyzny i poszlo.. wez zobacz m-ce na dyskach... tomek tomasz grzegorz zaborowski --/-- operator sieci komputerowej, IFT, UWr. http://zabora.of.pl /-[ http://zas.ift.uni.wroc.pl [EMAIL PROTECTED] /-[ 071 3759402 ---/-PHP-JAVA-SQL-CGI-HTML-UNIX-SECURE-NET-AMIGA
Re: ssh_exchange_identification: Connection closed by remote host
Dnia Thu, Feb 20, 2003 at 10:42:53AM +0100 t0masz zab0rowski napisał/a: ja tak mialem z debianem (lub frbsd, nie pamietam) i nie mam pojacie cio to bylo, ale samo przeszlo... zalogowalem sie z innej masyzny i poszlo.. wez zobacz m-ce na dyskach... tomek chyab doszedlem ze jest to cos z DNS'em, juz mecze mojego isp... jest odwzorowanie: ip-dns natomiast brak w druga strone: dns-ip mysle ze to jest problemem... pzdr yanek -- Andrzej Dalasiński | We are Microsoft. http://www.ocelotl.eu.org | What you are experiencing JID:[EMAIL PROTECTED] | is not a problem; ICQ:149147731 GG:2327061| it is an undocumented feature. pgpLN7TrO42BN.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host
Dnia Thu, Feb 20, 2003 at 12:07:30PM +0100, Andrzej Dalasinski napisa(a): Dnia Thu, Feb 20, 2003 at 10:42:53AM +0100 t0masz zab0rowski napisał/a: ja tak mialem z debianem (lub frbsd, nie pamietam) i nie mam pojacie cio to bylo, ale samo przeszlo... zalogowalem sie z innej masyzny i poszlo.. wez zobacz m-ce na dyskach... tomek chyab doszedlem ze jest to cos z DNS'em, juz mecze mojego isp... jest odwzorowanie: ip-dns natomiast brak w druga strone: dns-ip mysle ze to jest problemem... to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? -- Voder pgpg8ElG0Pdfn.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host
Dnia Thu, Feb 20, 2003 at 12:41:02PM +0100 Dariusz Rubinkiewicz napisał/a: Dnia Thu, Feb 20, 2003 at 12:07:30PM +0100, Andrzej Dalasinski napisa(a): Dnia Thu, Feb 20, 2003 at 10:42:53AM +0100 t0masz zab0rowski napisał/a: ja tak mialem z debianem (lub frbsd, nie pamietam) i nie mam pojacie cio to bylo, ale samo przeszlo... zalogowalem sie z innej masyzny i poszlo.. wez zobacz m-ce na dyskach... tomek chyab doszedlem ze jest to cos z DNS'em, juz mecze mojego isp... jest odwzorowanie: ip-dns natomiast brak w druga strone: dns-ip mysle ze to jest problemem... to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? nie wieem z innych hostow nie ma problemow z zalogowaniem, tylko z jednego konkretnego wiec to jego wina a nie serwerkow ...tak mi sie wydaje... /yanek -- Andrzej Dalasiński | We are Microsoft. http://www.ocelotl.eu.org | What you are experiencing JID:[EMAIL PROTECTED] | is not a problem; ICQ:149147731 GG:2327061| it is an undocumented feature. pgpiqursAPaKO.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host
Witaj Andrzej, Thursday, February 20, 2003, 12:52:38 PM, you wrote: to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? Andrzej Dalasinski nie wieem z innych hostow nie ma problemow z zalogowaniem, tylko z Andrzej Dalasinski jednego konkretnego wiec to jego wina a nie serwerkow Andrzej Dalasinski ...tak mi sie wydaje... obstawiam ze zmienil ci sie/brakuje rev-dns i wpis w host.deny ALL:PARANOID odrzuca polaczenie dopisz na zdalnej maszynce do host.allow ipka z ktorego sie logujesz i to co zwraca $host ten_ip -- Pozdrawiam, Michalmailto:[EMAIL PROTECTED] -- www.kkr.org.pl www.wrc.net.pl
Re: ssh_exchange_identification: Connection closed by remote host
On Thu, Feb 20, 2003 at 12:52:38PM +0100, Andrzej Dalasinski wrote: to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? nie wieem z innych hostow nie ma problemow z zalogowaniem, tylko z jednego konkretnego wiec to jego wina a nie serwerkow ...tak mi sie wydaje... Wpisz hosta z którego się logujesz do /etc/host.allow serwera ssh - tylko po ipku. Możliwe, że masz go tam wpisanego po nazwie. Mozliwe takze, ze serwer DNS troche za wolno odpowiada na pytania serwera ssh o nazwe hosta, z ktorego sie logujesz , wtedy twoj host jest traktowany jako PARANOID. Tak to sobie wykombinowałem (nie jestem pewny czy jest tak naprawde - jak bym sie mylil to prosze szanownych grupowiczow by mnie oswiecic) w każdym bądź razie u mnie pomogło. -- Pozdrawiam CZERW = Remember, information is not knowledge, knowledge is not wisdom, wisdom is not truth, truth is not beauty, beauty is not love, love is not music, music is the best. Frank Zappa
Re: ssh_exchange_identification: Connection closed by remote host
ja tak mialem z debianem (lub frbsd, nie pamietam) i nie mam pojacie cio to bylo, ale samo przeszlo... zalogowalem sie z innej masyzny i poszlo.. wez zobacz m-ce na dyskach... tomek chyab doszedlem ze jest to cos z DNS'em, juz mecze mojego isp... jest odwzorowanie: ip-dns natomiast brak w druga strone: dns-ip mysle ze to jest problemem... to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? Hmmm, w katalogach domowych użytkowników są w katalogu ssh jest plik known_hosts może poprostu używają różnych kluczy, wyczyść ten plik i spróbuj ( zrób kopie oczywiście ), ale ja bym z tym raczej kombinował. Powodzenia, Lucas
Re: ssh_exchange_identification: Connection closed by remote host
Dnia Thu, Feb 20, 2003 at 12:52:38PM +0100, Andrzej Dalasinski napisa(a): Dnia Thu, Feb 20, 2003 at 12:41:02PM +0100 Dariusz Rubinkiewicz napisał/a: Dnia Thu, Feb 20, 2003 at 12:07:30PM +0100, Andrzej Dalasinski napisa(a): Dnia Thu, Feb 20, 2003 at 10:42:53AM +0100 t0masz zab0rowski napisał/a: ja tak mialem z debianem (lub frbsd, nie pamietam) i nie mam pojacie cio to bylo, ale samo przeszlo... zalogowalem sie z innej masyzny i poszlo.. wez zobacz m-ce na dyskach... tomek chyab doszedlem ze jest to cos z DNS'em, juz mecze mojego isp... jest odwzorowanie: ip-dns natomiast brak w druga strone: dns-ip mysle ze to jest problemem... to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? nie wieem z innych hostow nie ma problemow z zalogowaniem, tylko z jednego konkretnego wiec to jego wina a nie serwerkow ...tak mi sie wydaje... to ja powiem tylko tak...o ile mnie pamiec nie myli to defaultowo w hosts.deny jest ALL: PARANOID -- jednym slowem dostep z maszyn bez reva powoduje komunikat jak temacie. Druga sprawa -- w przypadku limitowania dostepu z okreslonych IP do sshd za pomoca wlasnie hosts.allow i hosts.deny powyzszy komunikat jak najbardziej wyglada wlasnie w taki sposob jesli nasze IP nie pasuje do wzorca. Wydaje mi sie ze servki maja wpis ALL:PARANOID, a ty straciles reva i dlatego Cie nie wpuszcza...kwestia polityki w przyznawaniu praw do uslug ;) Przynajmniej tak to wyglada w moim przypadku...to sa jedyne 2 sytuacje kiedy spotkalem sie z powyzszym komunikatem. Pozdrawiam -- Voder pgpdp5qtWhP7c.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host
On Thu, 20 Feb 2003 08:57:37 +0100 Andrzej Dalasinski [EMAIL PROTECTED] wrote: spotkal sie ktos kiedys z takim komunikatem? goglalem chwile, ale nie znalazlem nic co by odpowiadalo mojej sytuacji: jest tak: ssh z serwera firmy na 4 znane mi serwery nie dziala i pojawia sie blad jak w temacie (solaris i trzy debiany) na piaty serwer -solaris smiga... zza maskarady ktora robi ow firmowy serwer nie da sie rowniez polaczyc na podane serwery... googlam dalej, ale gdyby ktos cos wiedzial to sprawa jest dosc pilna... Dzisiaj miałem to samo. Ale na moim serwerze sshd było uruchamiane 2 razy z /etc/init.d/ssh oraz z samego ineta przez tcpserwer co skutkowało wywalaniem się sshd i powyższym komunikatem u klienta. Usunąłem z ineta i gra. -- Wiktor Bauer RegisteredLinuxUser 197579
Re: ssh_exchange_identification: Connection closed by remote host
Dnia Thu, Feb 20, 2003 at 01:31:36PM +0100 Michal Niezbecki napisał/a: Witaj Andrzej, Thursday, February 20, 2003, 12:52:38 PM, you wrote: to ja jeszcze raz z tym /etc/hosts.allow i /etc/hosts.deny ;) czy na tych serverkach nie masz przypadkiem wpisiku w .deny ALL: PARANOID ? Andrzej Dalasinski nie wieem z innych hostow nie ma problemow z zalogowaniem, tylko z Andrzej Dalasinski jednego konkretnego wiec to jego wina a nie serwerkow Andrzej Dalasinski ...tak mi sie wydaje... obstawiam ze zmienil ci sie/brakuje rev-dns i wpis w host.deny ALL:PARANOID odrzuca polaczenie dopisz na zdalnej maszynce do host.allow ipka z ktorego sie logujesz i to co zwraca $host ten_ip it ujest chyba pies pogrzebany :)) host ten_ip zwraca nazwe dnsowa, ale juz ping nazwa.dnsowa nie dziala - znaczy skonfigurowali mi tylko odwrotny dns :( ... chcialoby sie zabluznic... dzieki za pomoc... ...bede dzwonil do mojego providera... /yanek -- Andrzej Dalasiński | We are Microsoft. http://www.ocelotl.eu.org | What you are experiencing JID:[EMAIL PROTECTED] | is not a problem; ICQ:149147731 GG:2327061| it is an undocumented feature. pgpUlnkiDHLoY.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host PART II
On Sun, 24 Mar 2002 18:29:39 -0600, Dimitri Maziuk wrote: * Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 13:12:56 -0600, Dimitri Maziuk wrote: Didn't you read Sven's rely? It says DNS problem right there. Make that reply. Hmph; I see so many typos on the lists, I don't even see my own any more. |:-( Yes, I did. Didn't you read mine? If this is not germane to the thread, I apologize. If it is wrong, I seek instruction. Well, it's relevant as most tcp apps rely on DNS for hostname resolution. It's not particular to ssh or tcp wrappers, though. DNS configuration, OTOH, is too big a topic for a quick instruction in an email reply. There are books and howtos on the subject. OK, thanks. I put the neo in phyte and am building my system task at a time. DNS and SSH are dishes I'm not ready to wash just yet. :) Just to give you a concrete example: assume 192.168.1.0 subnet. Missing a trailing dot in RDNS zone, like this: 1 IN PTR host.foo.bar dot missing here ---^ will result in reverse lookup for 192.168.1.1 returning something like host.foo.bar.in-addr.arpa. That will not match *.foo.bar entry in hosts.allow, nor the entry in ssh's known hosts file. Curiosity just bit me in the butt. Where does the .in-addr.arpa come from? For example, if this were my LAN, bessie.blues matches 192.168.0.1. How/why would higher level domains be added? If the reverse look-up went to the WAN, isn't the ~declared~ domain name compared to the name registered to the IP? If curiosity took too big a bite to cover with a Bandaid, no prob. I'll get to the books soon enough. So if DNS is b0rked, questions about tcp wrappers don't apply, if you see what I mean. Actually not, yet. ;~} The really interesting question is whether relying on something as notoriously unreliable as DNS for access control is a sane idea. Vagrant thought: Either hosts.access is not the appropriate tool in this case, or the reverse look-up does not use it properly (from hosts.* point of view). Either way, I dislike the idea of defaulting to allow rather than deny. See above in re Bandaid. :) -- gt It is interesting to note that as one evil empire (generic) fell, another Evil Empire (tm) began its nefarious rise. -- me -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
* Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 18:29:39 -0600, Dimitri Maziuk wrote: * Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 13:12:56 -0600, Dimitri Maziuk wrote: Didn't you read Sven's rely? It says DNS problem right there. Make that reply. Hmph; I see so many typos on the lists, I don't even see my own any more. |:-( Yes, I did. Didn't you read mine? If this is not germane to the thread, I apologize. If it is wrong, I seek instruction. Well, it's relevant as most tcp apps rely on DNS for hostname resolution. It's not particular to ssh or tcp wrappers, though. DNS configuration, OTOH, is too big a topic for a quick instruction in an email reply. There are books and howtos on the subject. OK, thanks. I put the neo in phyte and am building my system task at a time. DNS and SSH are dishes I'm not ready to wash just yet. :) Just to give you a concrete example: assume 192.168.1.0 subnet. Missing a trailing dot in RDNS zone, like this: 1 IN PTR host.foo.bar dot missing here ---^ will result in reverse lookup for 192.168.1.1 returning something like host.foo.bar.in-addr.arpa. That will not match *.foo.bar entry in hosts.allow, nor the entry in ssh's known hosts file. Curiosity just bit me in the butt. Where does the .in-addr.arpa come from? From the way bind works. See e.g. O'Reilly's DNS and Bind. So if DNS is b0rked, questions about tcp wrappers don't apply, if you see what I mean. Actually not, yet. ;~} If your DNS is b0rked, access control is b0rked, too. Regardless of whether your hosts.access files are correct. The really interesting question is whether relying on something as notoriously unreliable as DNS for access control is a sane idea. Vagrant thought: Either hosts.access is not the appropriate tool in this case, or the reverse look-up does not use it properly (from hosts.* point of view). It's host.access that uses DNS lookups, not the other way around. It works most of the time and gives you another layer of access control (defence in depth). It's just that between misconfigured servers, DNS spoofing, etc., it's a wonder it works at all. Dima -- Tlaloc: What was Elrond's second name? Gruber: Hubbard -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
On Mon, Mar 25, 2002 at 09:57:13AM -0600, Dimitri Maziuk wrote: Curiosity just bit me in the butt. Where does the .in-addr.arpa come from? From the way bind works. See e.g. O'Reilly's DNS and Bind. Well, er, it's not there because of the way BIND works. Rather, BIND works that way because it is conforming to the standards. See STD13, section 5.2.1 and RFC1035, section 3.5 for some discussion of the IN-ADDR.ARPA domain. Sorry to be pedantic :) -- Nathan Norman - Micromuse Ltd. mailto:[EMAIL PROTECTED] Gil-galad was an Elven-king.| The Fellowship Of him the harpers sadly sing: |of the last whose realm was fair and free | the Ring between the Mountains and the Sea. | J.R.R. Tolkien pgpcJadLGIDpo.pgp Description: PGP signature
Re: ssh_exchange_identification: Connection closed by remote host PART II
* Nathan E Norman ([EMAIL PROTECTED]) spake thusly: On Mon, Mar 25, 2002 at 09:57:13AM -0600, Dimitri Maziuk wrote: Curiosity just bit me in the butt. Where does the .in-addr.arpa come from? From the way bind works. See e.g. O'Reilly's DNS and Bind. Well, er, it's not there because of the way BIND works. Rather, BIND works that way because it is conforming to the standards. See STD13, section 5.2.1 and RFC1035, section 3.5 for some discussion of the IN-ADDR.ARPA domain. Sorry to be pedantic :) It's OK. I should've said because that's How Things Are[tm]. ;) Dima -- Yes, Java is so bulletproofed that to a C programmer it feels like being in a straightjacket, but it's a really comfy and warm straightjacket, and the world would be a safer place if everyone was straightjacketed most of the time. -- Mark 'Kamikaze' Hughes -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
On Sat, Mar 23, 2002 at 01:09:37PM -0800, Jaye Inabnit ke6sls wrote: Greetings again: I have sshd working again after adding an entry in my firewall/router's /etc/hosts.allow file, but I am rather concerned that sshd included tcp_wrappers without alerting users that are upgrading software via apt or dselect! Unless I missed something, I always read all the notifications during each Woody upgrade. My question now is this: do I need to make these hosts_allow entries into each of my linux computers? I still find it very odd that all the other computers were able to connect to my firewall/router as it was, and only my Woody box was banned from connecting. IIRC it helps fixing your DNS problem. The real problem is that in /etc/hosts.deny is ALL:PARANOID set. This entry blocks all hosts that have an invalid or no PTR record. Sven -- Lamer! :)\nLokaler Admin mit enormen Rechten[tm] [Christian Schneider und Jens Himmelrath in alt.hacker.org-gcf] http://www.linux-secure.de http://www.linuxboard.de http://www.bluephod.net http://www.disconow.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
On Sun, 24 Mar 2002 08:46:00 +0100, Sven Hoexter wrote: On Sat, Mar 23, 2002 at 01:09:37PM -0800, Jaye Inabnit ke6sls wrote: My question now is this: do I need to make these hosts_allow entries into each of my linux computers? I still find it very odd that all the other computers were able to connect to my firewall/router as it was, and only my Woody box was banned from connecting. IIRC it helps fixing your DNS problem. The real problem is that in /etc/hosts.deny is ALL:PARANOID set. This entry blocks all hosts that have an invalid or no PTR record. My understanding has been that /etc/hosts.deny ALL:PARANOID is a good thing (tm), in that visitors not invited in, are kicked out. Which is your objection in this case. /etc/hosts.allow is tested first and if a match is found, then host.deny is never tested. Thus, you can allow your whole LAN by: ALL : 192.168.0. # --note the trailing . or a piece of it: ALL : 192.168.0. EXCEPT 192.168.0.46# or ALL : .foo.bar EXCEPT honker.foo.bar # note leading . Won't these general allows eliminate the need to edit each host for each addition/subtraction on your net? If ALL : PARANOID is not used in hosts.deny, then any host not specifically denied, is allowed. That seems to me to be a bad thing (tm). In the above example, everybody in the world except honker is let in. If this is not germane to the thread, I apologize. If it is wrong, I seek instruction. -- gt It is interesting to note that as one evil empire (generic) fell, another Evil Empire (tm) began its nefarious rise. -- me -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
Em Sáb, 2002-03-23 às 18:09, Jaye Inabnit ke6sls escreveu: Greetings again: I have sshd working again after adding an entry in my firewall/router's /etc/hosts.allow file, but I am rather concerned that sshd included tcp_wrappers without alerting users that are upgrading software via apt or dselect! Unless I missed something, I always read all the notifications during each Woody upgrade. My question now is this: do I need to make these hosts_allow entries into each of my linux computers? I still find it very odd that all the other computers were able to connect to my firewall/router as it was, and only my Woody box was banned from connecting. The only other thing that might add to the syndrome is that I have a user logged (ssh) into my box via the router for several weeks compiling kde3. shrug [EMAIL PROTECTED] To which interface of your firewall are you connecting ? wiht ALL:PARANOID in hosts.deny you will not be able to connect to the external interface because name/IP won't fit together. If you connect to the internal interface just check to see if your hosts file contains your IP/name: it should work if they are. Michel. original msg Greetings: I am unable to connect to my cable firewall/router from my desktop box suddenly. I have gone so far as to wipe out my known_hosts file from my .ssh directory, but this still gives me the same error. What is unusual is that I can ssh to any of the other computers on my lan, *then* ssh to my router without difficulty. What did I do wrong? Any help gleefully excepted. I am running woody on both boxes, and updated them an hour ago. I also ran dpkg-reconfigure for ssh on the router just in case I had an update and entered a wrong value. PS plz mail me direct as I am not on this list. thank you -- Jaye Inabnit\ARS ke6sls\/A GNU-Debian linux user\/ http://www.qsl.net/ke6sls If it's stupid, but works, it ain't stupid. I SHOUT JUST FOR FUN. Free software, in a free world, for a free spirit. Please Support freedom! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
* Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 08:46:00 +0100, Sven Hoexter wrote: On Sat, Mar 23, 2002 at 01:09:37PM -0800, Jaye Inabnit ke6sls wrote: My question now is this: do I need to make these hosts_allow entries into each of my linux computers? I still find it very odd that all the other computers were able to connect to my firewall/router as it was, and only my Woody box was banned from connecting. IIRC it helps fixing your DNS problem. The real problem is that in /etc/hosts.deny is ALL:PARANOID set. This entry blocks all hosts that have an invalid or no PTR record. My understanding has been that /etc/hosts.deny ALL:PARANOID is a good thing (tm), in that visitors not invited in, are kicked out. Which is your objection in this case. /etc/hosts.allow is tested first and if a match is found, then host.deny is never tested. Thus, you can allow your whole LAN by: ALL : 192.168.0. # --note the trailing . or a piece of it: ALL : 192.168.0. EXCEPT 192.168.0.46# or ALL : .foo.bar EXCEPT honker.foo.bar # note leading . Won't these general allows eliminate the need to edit each host for each addition/subtraction on your net? If ALL : PARANOID is not used in hosts.deny, then any host not specifically denied, is allowed. That seems to me to be a bad thing (tm). In the above example, everybody in the world except honker is let in. It'll work *if* *reverse* *DNS* is working on 192.168.0.0. Otherwise either tcp wrappers or ssh itself (dep. on sshd config options) will refuse connections. Didn't you read Sven's rely? It says DNS problem right there. Dima -- Backwards compatibility is either a pun or an oxymoron. -- PGN -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
On Sun, 24 Mar 2002 13:12:56 -0600, Dimitri Maziuk wrote: * Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 08:46:00 +0100, Sven Hoexter wrote: On Sat, Mar 23, 2002 at 01:09:37PM -0800, Jaye Inabnit ke6sls wrote: big snip Didn't you read Sven's rely? It says DNS problem right there. Yes, I did. Didn't you read mine? If this is not germane to the thread, I apologize. If it is wrong, I seek instruction. -- gt Everything here could be wrong--Messiah's Handbook--Bach -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: ssh_exchange_identification: Connection closed by remote host PART II
* Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 13:12:56 -0600, Dimitri Maziuk wrote: * Gary Turner ([EMAIL PROTECTED]) spake thusly: On Sun, 24 Mar 2002 08:46:00 +0100, Sven Hoexter wrote: On Sat, Mar 23, 2002 at 01:09:37PM -0800, Jaye Inabnit ke6sls wrote: big snip Didn't you read Sven's rely? It says DNS problem right there. Make that reply. Yes, I did. Didn't you read mine? If this is not germane to the thread, I apologize. If it is wrong, I seek instruction. Well, it's relevant as most tcp apps rely on DNS for hostname resolution. It's not particular to ssh or tcp wrappers, though. DNS configuration, OTOH, is too big a topic for a quick instruction in an email reply. There are books and howtos on the subject. Just to give you a concrete example: assume 192.168.1.0 subnet. Missing a trailing dot in RDNS zone, like this: 1 IN PTR host.foo.bar dot missing here ---^ will result in reverse lookup for 192.168.1.1 returning something like host.foo.bar.in-addr.arpa. That will not match *.foo.bar entry in hosts.allow, nor the entry in ssh's known hosts file. So if DNS is b0rked, questions about tcp wrappers don't apply, if you see what I mean. The really interesting question is whether relying on something as notoriously unreliable as DNS for access control is a sane idea. Dima -- Tlaloc: What was Elrond's second name? Gruber: Hubbard -- [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
ssh_exchange_identification: Connection closed by remote host
Greetings: I am unable to connect to my cable firewall/router from my desktop box suddenly. I have gone so far as to wipe out my known_hosts file from my .ssh directory, but this still gives me the same error. What is unusual is that I can ssh to any of the other computers on my lan, *then* ssh to my router without difficulty. What did I do wrong? Any help gleefully excepted. I am running woody on both boxes, and updated them an hour ago. I also ran dpkg-reconfigure for ssh on the router just in case I had an update and entered a wrong value. PS plz mail me direct as I am not on this list. thank you -- Jaye Inabnit\ARS ke6sls\/A GNU-Debian linux user\/ http://www.qsl.net/ke6sls If it's stupid, but works, it ain't stupid. I SHOUT JUST FOR FUN. Free software, in a free world, for a free spirit. Please Support freedom! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
ssh_exchange_identification: Connection closed by remote host PART II
Greetings again: I have sshd working again after adding an entry in my firewall/router's /etc/hosts.allow file, but I am rather concerned that sshd included tcp_wrappers without alerting users that are upgrading software via apt or dselect! Unless I missed something, I always read all the notifications during each Woody upgrade. My question now is this: do I need to make these hosts_allow entries into each of my linux computers? I still find it very odd that all the other computers were able to connect to my firewall/router as it was, and only my Woody box was banned from connecting. The only other thing that might add to the syndrome is that I have a user logged (ssh) into my box via the router for several weeks compiling kde3. shrug [EMAIL PROTECTED] original msg Greetings: I am unable to connect to my cable firewall/router from my desktop box suddenly. I have gone so far as to wipe out my known_hosts file from my .ssh directory, but this still gives me the same error. What is unusual is that I can ssh to any of the other computers on my lan, *then* ssh to my router without difficulty. What did I do wrong? Any help gleefully excepted. I am running woody on both boxes, and updated them an hour ago. I also ran dpkg-reconfigure for ssh on the router just in case I had an update and entered a wrong value. PS plz mail me direct as I am not on this list. thank you -- Jaye Inabnit\ARS ke6sls\/A GNU-Debian linux user\/ http://www.qsl.net/ke6sls If it's stupid, but works, it ain't stupid. I SHOUT JUST FOR FUN. Free software, in a free world, for a free spirit. Please Support freedom! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Connection closed
Hi, Did the telnet to the site work before you upgrade to 2.0? Are you using Xwindows? When I connect to certain hosts via telnet (similar via ftp), I'll get a messgae like this: Connected to site.whatever.edu Escape character is '^]'. which is as usual then followed by: Connection closed by foreign host. Assume for the moment that it is not an ISP problem, is there anything specific to my machine that is causing this? I'd love some hints. Jieyao [EMAIL PROTECTED] ICQ 836655 Don't waste your computer's time. Join the Singapore RC5 Effort now! http://www.raffles.nus.edu.sg/~rekcah/rc5/
Connection closed
When I connect to certain hosts via telnet (similar via ftp), I'll get a messgae like this: Connected to site.whatever.edu Escape character is '^]'. which is as usual then followed by: Connection closed by foreign host. Assume for the moment that it is not an ISP problem, is there anything specific to my machine that is causing this? I'd love some hints. TIA, Richard
Re: Connection closed
Richard Sevenich wrote: Connected to site.whatever.edu Escape character is '^]'. which is as usual then followed by: Connection closed by foreign host. Assume for the moment that it is not an ISP problem, is there anything specific to my machine that is causing this? Probably not. This is what you typically see when a computer is configured via /etc/hosts.deny to not let you telnet to it. It's possible they hve something in particular against you, but it's more likely they just operate on a policy of only enabling incoming telnet from machines that they trust. -- see shy jo
Re: Connection closed
When I connect to certain hosts via telnet (similar via ftp), I'll get a messgae like this: Connected to site.whatever.edu Escape character is '^]'. which is as usual then followed by: Connection closed by foreign host. Assume for the moment that it is not an ISP problem, is there anything specific to my machine that is causing this? I'd love some hints. TIA, Richard To my knowledge, this is caused by a refusal on the remote end to allow connections from random sites. I've seen the same 'behaviour' when I set my hosts.deny file to refuse connections to any site but the ones I specify in either that file, or in hosts.allow. Taren
Re: Connection closed by foreign host.
Perhaps telnet is working properly but something else is causing your login shell to exit immediately. I get a similar response, not with telnet, but with script. I would get Script started, output file is typescript and then it would immediately exit with Script done, output file is typescript. This happens with bash at the console, but it does not happen in an rxvt, and it doesn't happen with zsh at all. I don't notice it anymore since I use zsh all the time now, but a quick check revealed that it's still doing that. Try putting an echo Hello telnet world as the first line of you .bashrc (or whatever shell initialization file you use), to verify whether your telnet session gets at least that far. If it doesn't, try switching login shells and see if it that works. ** MICHAEL SCOTT ORR [EMAIL PROTECTED] * ** 1405 NE 56th Street, Seattle, WA 98105 USA * English * ** Tel: +1 (206) 522-9627, fax: 328-6209 *Russki * ** Work: [EMAIL PROTECTED] * Esperanto * * (Insert silly quote here)
Re: Connection closed by foreign host.
Ah, good call. I'll try it. Thanks On Sun, 23 Mar 1997, Mike Orr wrote: Perhaps telnet is working properly but something else is causing your login shell to exit immediately. I get a similar response, not with telnet, but with script. I would get Script started, output file is typescript and then it would immediately exit with Script done, output file is typescript. This happens with bash at the console, but it does not happen in an rxvt, and it doesn't happen with zsh at all. I don't notice it anymore since I use zsh all the time now, but a quick check revealed that it's still doing that. Try putting an echo Hello telnet world as the first line of you .bashrc (or whatever shell initialization file you use), to verify whether your telnet session gets at least that far. If it doesn't, try switching login shells and see if it that works. ** MICHAEL SCOTT ORR [EMAIL PROTECTED] * ** 1405 NE 56th Street, Seattle, WA 98105 USA * English * ** Tel: +1 (206) 522-9627, fax: 328-6209 *Russki * ** Work: [EMAIL PROTECTED] * Esperanto * * (Insert silly quote here) Jason Killen Question Stupidity Monolith : the new ANSI standard for humans RPS : better living through [EMAIL PROTECTED] world domination
Re: Connection closed by foreign host.
On Thu, 20 Mar 1997, Jason Killen wrote: Which log is the log? I'm looked throught last and auth.log but found nothing. OK; do this: 1. Attempt a telnet session. 2. When it fails, cd to /var/log. 3. ls -ltr The error (if logged) will be in one of the last files listed. (My guess is daemon.log.)
Re: Connection closed by foreign host.
Simple enough, so easy I should have thought of it myself (TM). daemon.log says Mar 21 00:20:59 rn120006 in.tel[9586]: connect from 127.0.0.1 Ekk. Now I'm really confused, I reinstalled getty and login. Anymore ideas? On Thu, 20 Mar 1997, Paul Christenson [N3EOP] wrote: On Thu, 20 Mar 1997, Jason Killen wrote: Which log is the log? I'm looked throught last and auth.log but found nothing. OK; do this: 1. Attempt a telnet session. 2. When it fails, cd to /var/log. 3. ls -ltr The error (if logged) will be in one of the last files listed. (My guess is daemon.log.) Jason Killen Question Stupidity Monolith : the new ANSI standard for humans RPS : better living through [EMAIL PROTECTED] world domination
Re: Connection closed by foreign host.
On Wed, 19 Mar 1997, Jason Killen wrote: I cant rlogin either but I do get mail along with other services. What happens exactally is I try to telnet in and I get Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. Is there a delay between the 'Escape' and 'Connection closed' lines? If so, it may be trying to resolve the names. However, if you deleted/recreated the hosts.deny file, then it shouldn't be worrying about that. What does the log say?
Re: Connection closed by foreign host.
There is a delay between the Escape character is '^]' and Connection closed. Which log is the log? I'm looked throught last and auth.log but found nothing. On Wed, 19 Mar 1997, Paul Christenson [N3EOP] wrote: On Wed, 19 Mar 1997, Jason Killen wrote: I cant rlogin either but I do get mail along with other services. What happens exactally is I try to telnet in and I get Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. Is there a delay between the 'Escape' and 'Connection closed' lines? If so, it may be trying to resolve the names. However, if you deleted/recreated the hosts.deny file, then it shouldn't be worrying about that. What does the log say? Jason KillenQuestion Stupidity Monolith : driven by inner daemons RPS : better living through world [EMAIL PROTECTED]domination
Re: Connection closed by foreign host.
Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. Is there a delay between the 'Escape' and 'Connection closed' lines? If so, it may be trying to resolve the names. However, if you deleted/recreated the hosts.deny file, then it shouldn't be worrying about that. I get this behaviour often just after I opened my ppp-link to the University and am trying to connect to a HP/UX server (9000/735, HPUX 10). But only on the first try, when I try again everything goes as expected. Maarten _ | Maarten Boekhold, Faculty of Electrical Engineering TU Delft, NL| |[EMAIL PROTECTED] [EMAIL PROTECTED] | -
Connection closed by foreign host.
I have a problem that I havent been able to fix. Since I upgraded everything from 1.2 to 1.2.7 I havent been able to telnet into my machine. I have tried everything from deleting host.allow and hosts.deny and then touching them to installing the new netstd and nothing seems to help. I cant rlogin either but I do get mail along with other services. What happens exactally is I try to telnet in and I get Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. I have tried telneting in from off machine but that dosent make any difference either. Can anyone help? Jason KillenQuestion Stupidity Monolith : driven by inner daemons RPS : better living through world [EMAIL PROTECTED]domination
Connection closed by host
I just updated everything I have but now when I try to telnet into my machine I get a connection closed by host. I checked inetd.conf and found in.telnetd, other than that I'm not sure what could be wrong. Other things work eg sendmail. Any ideas?? Jason KillenQuestion Stupidity Monolith : driven by inner daemons RPS : better living through world [EMAIL PROTECTED]domination