On Thursday, 10 June 2010 18:35:33 McGraw, Robert P wrote:
Any ideas on how to solve the following problem.
hamilton is shown as ssh ok, status unchanged for a week, but you can't ssh in:
% ssh -v hamilton OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to hamilton [128.210.3.42] port 22. debug1: Connection established. debug1: identity file /homes/jflack/.ssh/identity type -1 debug1: identity file /homes/jflack/.ssh/id_rsa type -1 debug1: identity file /homes/jflack/.ssh/id_dsa type -1 debug1: loaded 3 keys debug1: Remote protocol version 1.99, remote software version OpenSSH_3.9p1
This is quite an old version. Time to consider an upgrade?
debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.3 debug1: SSH2_MSG_KEXINIT sent Read from socket failed: Connection reset by peer
Apparently something goes wrong in the server just at the start of key exchange. The xymon ssh test reports the remote protocol and software versions, so it must converse at least that far, but I guess it doesn't go on through the key exchange.
The ssh server going wrong that way seems to be a familiar failure mode for our linux boxes,
In quite a few years in production environments with hundreds of linux servers, I haven't seen that myself ...
Have you managed to find a way to reproduce it? Have you filed a bug? IOW, maybe prevention of the problem is better than identification.
Regards, Buchan