SSH connection gets dropped when attempting to deploy site using rocketeer

Question

I'm trying to deploy a Laravel site to a development server (cPanel based) using Rocketeer. I am having a problem maintaining the SSH connection, and the server is dropping the connection after initially establishing a connection.

The process is able to initially establish a connection, and I know that my public key authentication is working, as I am able to connect to the server directly using the syntax ssh username@server.com.

The log files on the server grepped to show the relevant lines are below:

root@cyrus [/var/log]# cat secure | grep 79.125.223.206
Jul 23 05:55:26 tri sshd[8502]: Received disconnect from 79.125.223.206: 11:
Jul 23 05:55:51 tri sshd[8532]: Connection closed by 79.125.223.206
Jul 23 05:56:01 tri sshd[8538]: Accepted publickey for nrfiorg from 79.125.223.206 port 54142 ssh2
Jul 23 05:56:09 tri sshd[8542]: Received disconnect from 79.125.223.206: 11: disconnected by user
Jul 23 05:56:18 tri sshd[8588]: Received disconnect from 79.125.223.206: 11:
Jul 23 05:56:54 tri sshd[8601]: Received disconnect from 79.125.223.206: 11:
Jul 23 05:57:05 tri sshd[8607]: Received disconnect from 79.125.223.206: 11:
Jul 23 05:58:43 tri sshd[8668]: Accepted password for nrfiorg from 79.125.223.206 port 54521 ssh2
Jul 23 05:58:45 tri sshd[8672]: Received disconnect from 79.125.223.206: 11:
Jul 23 05:58:47 tri sshd[8698]: Accepted password for nrfiorg from 79.125.223.206 port 54524 ssh2
Jul 23 05:58:48 tri sshd[8702]: Received disconnect from 79.125.223.206: 11:
Jul 23 05:58:50 tri sshd[8720]: Accepted password for nrfiorg from 79.125.223.206 port 54527 ssh2
Jul 23 05:58:51 tri sshd[8733]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:01:36 tri sshd[8997]: Accepted password for nrfiorg from 79.125.223.206 port 54960 ssh2
Jul 23 06:01:38 tri sshd[9001]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:03:10 tri sshd[9083]: Accepted password for nrfiorg from 79.125.223.206 port 55237 ssh2
Jul 23 06:03:12 tri sshd[9091]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:03:16 tri sshd[9117]: Accepted password for nrfiorg from 79.125.223.206 port 55266 ssh2
Jul 23 06:03:17 tri sshd[9121]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:03:21 tri sshd[9152]: Accepted password for nrfiorg from 79.125.223.206 port 55295 ssh2
Jul 23 06:03:23 tri sshd[9160]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:03:25 tri sshd[9186]: Accepted password for nrfiorg from 79.125.223.206 port 55322 ssh2
Jul 23 06:03:27 tri sshd[9190]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:03:43 tri sshd[9216]: Accepted password for nrfiorg from 79.125.223.206 port 55349 ssh2
Jul 23 06:03:44 tri sshd[9220]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:04:46 tri sshd[9394]: Accepted password for nrfiorg from 79.125.223.206 port 55576 ssh2
Jul 23 06:04:47 tri sshd[9398]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:07:12 tri sshd[9560]: Accepted password for nrfiorg from 79.125.223.206 port 55932 ssh2
Jul 23 06:07:14 tri sshd[9566]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:07:45 tri sshd[9588]: Accepted password for nrfiorg from 79.125.223.206 port 56019 ssh2
Jul 23 06:07:47 tri sshd[9592]: Received disconnect from 79.125.223.206: 11:
Jul 23 06:40:35 tri sshd[10908]: Accepted publickey for nrfiorg from 79.125.223.206 port 60920 ssh2
Jul 23 06:40:52 tri sshd[10914]: Received disconnect from 79.125.223.206: 11: disconnected by user
Jul 23 06:41:15 tri sshd[10997]: Accepted publickey for root from 79.125.223.206 port 61639 ssh2
root@cyrus [/var/log]# cat lfd.log | grep 79.125.223.206
Jul 23 13:24:36 cyrus lfd[10267]: *WHM/cPanel root access* from 79.125.223.206
root@cyrus [/var/log]# cat messages | grep 79.125.223.206
root@cyrus [/var/log]#

As evident from the above, the connection gets dropped 1-2 seconds after being established.

The same deployment script, configured exactly the same way, but for deployment to the staging server, which is on a different cPanel-based machine, executes successfully.

Both cPanel servers have been configured the same way, however it is possible that there may be minor differences in how the firewalls are configured on the two servers, however, I am not sure how I can diff the firewall configurations on the two machines to see if there is any minor difference that may be preventing the dev server from maintaining the connection and executing the deployment script.

Any advice would be highly appreciated.

Thank you.

UPDATE

OK, a few of differences.

To make it easy, I'll call the problematic server dev and the one that works staging.

dev: PasswordAuthentication yes

staging: PasswordAuthentication no

dev: X11Forwarding no staging: X11Forwarding yes

Both also have csf with a couple of differences:

dev: DROP_OUT_LOGGING = "1" staging: DROP_OUT_LOGGING = "0"

dev: LF_SSHD = "20" staging: LF_SSHD = "5"

dev: LF_SSHD_PERM = "3600" staging: LF_SSHD_PERM = "1"

dev: CT_LIMIT = "300" staging: CT_LIMIT = "0"

dev: CT_INTERVAL = "120" staging: CT_INTERVAL = "30"

dev: CT_SKIP_TIME_WAIT = "1" staging: CT_SKIP_TIME_WAIT = "0"

Answer 1

Your firewall has some ssh-related differences between dev and staging:

dev: LF_SSHD = "20" staging: LF_SSHD = "5"

dev: LF_SSHD_PERM = "3600" staging: LF_SSHD_PERM = "1"

These values are used to block IP addresses that are trying to connect too often. Since you are retrying the deployment scripts, you're probably triggering the max value there. You should change the values on the staging server to match the ones on the dev server.