Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: SSH Server unexpectedly closed network connection

  1. #1
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    SSH Server unexpectedly closed network connection

    Hello, I haven't used SSH from Putty for awhile now and I must have changed something which is now preventing me from accessing my home server.

    sshd_config
    Code:
    # Package generated configuration file
    # See the sshd_config(5) manpage for details
    
    # What ports, IPs and protocols we listen for
    Port 49452
    # Use these options to restrict which interfaces/protocols sshd will bind to
    #ListenAddress ::
    #ListenAddress 0.0.0.0
    Protocol 2
    # HostKeys for protocol version 2
    HostKey /etc/ssh/ssh_host_rsa_key
    HostKey /etc/ssh/ssh_host_dsa_key
    HostKey /etc/ssh/ssh_host_ecdsa_key
    #Privilege Separation is turned on for security
    UsePrivilegeSeparation yes
    
    # Lifetime and size of ephemeral version 1 server key
    KeyRegenerationInterval 3600
    ServerKeyBits 768
    
    # Logging
    SyslogFacility AUTH
    LogLevel INFO
    
    # Authentication:
    LoginGraceTime 120
    PermitRootLogin no
    StrictModes yes
    
    RSAAuthentication yes
    PubkeyAuthentication yes
    #AuthorizedKeysFile	%h/.ssh/authorized_keys
    
    # Don't read the user's ~/.rhosts and ~/.shosts files
    IgnoreRhosts yes
    # For this to work you will also need host keys in /etc/ssh_known_hosts
    RhostsRSAAuthentication no
    # similar for protocol version 2
    HostbasedAuthentication no
    # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
    #IgnoreUserKnownHosts yes
    
    # To enable empty passwords, change to yes (NOT RECOMMENDED)
    PermitEmptyPasswords no
    
    # Change to yes to enable challenge-response passwords (beware issues with
    # some PAM modules and threads)
    ChallengeResponseAuthentication no
    
    # Change to no to disable tunnelled clear text passwords
    PasswordAuthentication yes
    
    # Kerberos options
    #KerberosAuthentication no
    #KerberosGetAFSToken no
    #KerberosOrLocalPasswd yes
    #KerberosTicketCleanup yes
    
    # GSSAPI options
    #GSSAPIAuthentication no
    #GSSAPICleanupCredentials yes
    
    X11Forwarding yes
    X11DisplayOffset 10
    PrintMotd no
    PrintLastLog yes
    TCPKeepAlive yes
    #UseLogin no
    
    #MaxStartups 10:30:60
    #Banner /etc/issue.net
    
    # Allow client to pass locale environment variables
    AcceptEnv LANG LC_*
    
    Subsystem sftp /usr/lib/openssh/sftp-server
    
    # Set this to 'yes' to enable PAM authentication, account processing,
    # and session processing. If this is enabled, PAM authentication will
    # be allowed through the ChallengeResponseAuthentication and
    # PasswordAuthentication.  Depending on your PAM configuration,
    # PAM authentication via ChallengeResponseAuthentication may bypass
    # the setting of "PermitRootLogin without-password".
    # If you just want the PAM account and session checks to run without
    # PAM authentication, then enable this but set PasswordAuthentication
    # and ChallengeResponseAuthentication to 'no'.
    UsePAM yes
    I tried updating my iptables, but I'm not too sure exactly what I'm doing there.

    Code:
    rhys@tomato:~$ sudo iptables -L
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination         
    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:49452
    
    Chain FORWARD (policy ACCEPT)
    target     prot opt source               destination         
    
    Chain OUTPUT (policy ACCEPT)
    target     prot opt source               destination
    Code:
    rhys@tomato:~$ sudo iptables-save > firewall.rules
    rhys@tomato:~$ nano firewall.rules 
    
    # Generated by iptables-save v1.4.12 on Thu Jan  9 12:37:21 2014
    *filter
    :INPUT ACCEPT [94093:49078855]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [103366:116841892]
    -A INPUT -p tcp -m tcp --dport 49452 -j ACCEPT
    COMMIT
    # Completed on Thu Jan  9 12:37:21 2014
    I have port 49452 on both the public and lan forwarded to my tomato server. And I'm accessing SSH via my routers public IP on 49452.

    I'm guessing I've enable the firewall which is blocking access, although running sudo ufw disable doesn't do anything. It just returns Firewall stopped and disabled on system startup.

    Can anyone help?

  2. #2
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Sorry - can't tell from what you've posted.
    Perhaps your public IP changed?

    ufw is just an interface into iptables. Pick one interface and stick with that. Don't mix to prevent confusion. Either use ufw for everything or nothing.

    So ... what I would do it trace the connection from the start to the end. Start as close to the sshd as possible.
    * is the sshd daemon running?
    * does ssh localhost work?
    * sudo iptables -L - should show nothing related to port 22 (or whatever port you use).
    * from inside your LAN, does ssh -p {insert-49xxx port number} {insert-public-ip} work?
    * try the same from putty inside your LAN.
    * Does the remote location have un-filtered access to your public IP? Many schools and work networks are filtering everything except 80/443/465/993 these days. Use telnet to check.
    * always use real IP addresses, NOT DNS names for this for now.

    Sometimes a DNS issue makes it appear an entire subnet is down when it is not.

    While not directly what you need, this link shows troubleshooting techniques for networking issues.

  3. #3
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Thanks for your help.

    Sshd daemon is running, as I can connect locally using ssh 'rhys@tomato' and ssh 'rhys@192.168.1.76'

    I get a bad port error when I try ssh -p from within the lan.

    iptables -L now shows nothing.

    I don't have a windows machine at home to test putty.

  4. #4
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Quote Originally Posted by RhysGM View Post
    I get a bad port error when I try ssh -p from within the lan.
    There is the root issue to be solved. What is the exact command you are using?
    Did the server internal IP change? This would mean the router port-forward isn't going where you need it.

    Check all the links in this chain.
    1. WAN-side router port 49xxx is open
    2. Router forwards port 49xxx to server static IP on port 49xxx
    3. Verify that the interface where the server is listening on port 49xxx is actually on the IP and wire you expect. On systems with multiple NICs/WiFi, this can be confusing.


    Personally, I let the router do port translation and have my internal ssh servers running on the default port, 22. Makes accessing sshd clear if using the router WAN interface or a local LAN address. I hope that makes sense. Not all low-end routers support port translation. Tomato definitely does.

    Also, I'm confused about the difference between
    a) the router
    b) tomato

    In my world, tomato runs as firmware on the router, so there isn't any difference. You've gone out of your way to separate those for some reason. Why?

    Anyway - hope these questions help to find the answer.
    Last edited by TheFu; January 10th, 2014 at 04:54 PM.

  5. #5
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Quote Originally Posted by TheFu View Post
    There is the root issue to be solved. What is the exact command you are using?
    Code:
    rhys@orange:~$ sudo ssh -p {49452}{2.31.141.xxx}
    Bad port '{49452}{2.31.141.xxx}'

  6. #6
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Quote Originally Posted by RhysGM View Post
    Code:
    rhys@orange:~$ sudo ssh -p {49452}{2.31.141.xxx}
    Bad port '{49452}{2.31.141.xxx}'
    a) please don't use sudo unless mandatory. It can cause issues and have ownership and permissions of settings changed to root for userid settings. Not something you want. Don't use sudo with any GUI program.

    b) to learn the options for any command, there is a built-in help system on Linux called "man pages." man ssh explains how this command should be used. There are man pages for almost every command on a Linux system. It is odd to find a command that does NOT have a manpage. My attempt to clarify things that should be replaced was misinterpreted. I apologize. don't include the curly-brackets in the command and definitely use spaces between the port and IP.

    In short - ssh -p 49452 2.31.141.xxx is probably the command to be used to test the WAN-side of the router interface back into your server.

  7. #7
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    I normal don't use sudo unnecessarily however I wanted to see if there was a privileges issue.

    I get this error now;

    Code:
    rhys@orange:~$ ssh -p 49452 2.31.141.xxx
    ssh: connect to host 2.31.141.xxx port 49452: Connection refused

  8. #8
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Check the router config. If it is open, perhaps the ISP is filtering?

    At work, I've never been able to ssh anywhere external over non-ssl-normal ports. The network there is locked down and using their proxy is mandatory. The only way for me to ssh out is through the 443/tcp proxy ... which means having the router listen for ssh connections on port 443. At least in my situation.

    I've never seen a home ISP filter high ports, so if you are at home, that is unlikely and the router probably isn't configured properly.

  9. #9
    Join Date
    Sep 2008
    Location
    England
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Thanks for your help, it must be a local thing, as I'm getting the connection refused error on the lan too.

    I've tried changing the public port to 22 and 2222 on the router but the same error occurs. If I add my IP address into checkmyports.net it reports that port as open.

    The router seems fine, so it must be the server is stopping the connection.

  10. #10
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: SSH Server unexpectedly closed network connection

    Just in case, did you remember to restart the ssh-server after each config change? I know that I forget sometimes.

    Also, did you validate that the LAN IP used in the router points to the real LAN IP the server uses?

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •