1
2
My LAN comprises a desktop computer running Linux (Debian Wheezy), a MacBook with OS X Mavericks, and a modem-router; ssh with Linux host and OS X client functions well - no problems connecting from client to host.
Additionally, I’ve tried to implement the reverse - Linux computer also becoming a client and the OS X computer also becoming a host. But attempting to ssh from Linux client to OS X host results in
ssh_exchange_identification: Connection closed by remote host
This happens regardless of whether the Mac firewall is turned on or off.
I’ve tried numerous solutions suggested by google searches, including at:
enter link description here enter link description here
(The system didn't allow me to post any more links.)
I’m fairly sure that file ownerships, permissions, configurations are correct.
The same port, say 1234, is configured for ssh on each computer as both host and client; netstat commands from both computers indicate that port 1234 is listened to. Neither DenyHosts nor fail2ban is installed.
On the Linux client, /var/log/auth.log doesn’t give any relevant messages.
Telneting from client to host gives
Connection closed by foreign host.
On the OS X host, at the time of an attempted ssh connection:
/var/log/appfirewall.log shows
MacBook.local socketfilterfw[636] <Info>: sshd-keygen-wrapper: Allow TCP CONNECT (in:1 out:0
)
/var/log/system.log shows
MacBook.local com.apple.preference.security.remoteservice[662]: nsc_smb XPC: handle_event error : < Connection invalid >
It seems that the problem resides with the OS X host and that the key to solving it could be in these messages, but I’ve been unable to find useful information.
On the MacBook, System Preferences > Security & Privacy > Firewall > Firewall Options, “Remote Login (SSH)” and “sshd-keygen-wrapper” are set to “Allow incoming connections”.
“Remote Login” is enabled in System Preferences > Sharing.
What could be causing the ssh connection problem and how to solve it?
Additional Information Since Initial Post
Thanks for the replies, but I had already done everything outlined in the links, had Remote Login on with my user name (alex) as a user, and restarted ssh on both computers after every change concerning ssh followed by rebooting both computers. Have also reinstalled ssh several times on the Linux computer, and generated new keys several times on both computers.
Perhaps I should have clarified that in ssh_config for both clients
PasswordAuthentication no
PubkeyAuthentication yes
Here is the requested output from the OS X host: (not sure how useful it is because I had changed the ssh port from the default 22, to say 1234)
MacBook:~ alex$ ssh -vvv localhost
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: connect to address ::1 port 22: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
debug1: Connecting to localhost [fe80::1%lo0] port 22.
debug1: connect to address fe80::1%lo0 port 22: Connection refused
ssh: connect to host localhost port 22: Connection refused
Additional clarifying information:
MacBook:~ alex$ ssh -vvv -p 1234 localhost
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 1234.
debug1: connect to address ::1 port 1234: Connection refused
debug1: Connecting to localhost [127.0.0.1] port 1234.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "/Users/alex/.ssh/id_rsa" as a RSA1 public key
debug1: identity file /Users/alex/.ssh/id_rsa type 1
debug1: identity file /Users/alex/.ssh/id_rsa-cert type -1
debug1: identity file /Users/alex/.ssh/id_dsa type -1
debug1: identity file /Users/alex/.ssh/id_dsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
ssh_exchange_identification: Connection closed by remote host
MacBook:~ alex$
Requested output from the Linux client:
alex@desktop:~$ ssh -v alex@MacBook.local
OpenSSH_6.0p1 Debian-4+deb7u2, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug1: /etc/ssh/ssh_config line 102: Applying options for *
debug1: Connecting to MacBook.local [192.168.0.3] port 1234.
debug1: Connection established.
debug1: identity file /home/alex/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/alex/.ssh/id_rsa-cert type -1
ssh_exchange_identification: Connection closed by remote host
alex@desktop:~$
After going to a lot of effort to get ssh working with Linux as host and OS X as client, I figured that doing the reverse would be relatively simple. Maybe it is, but not so far! Further help would be much appreciated.
Lars
MacBook:~ alex$ sudo sshd -t
Password:
/etc/sshd_config: No such file or directory
MacBook:~ alex$
The sshd_config file is in /private/etc/ssh, as is ssh_config and the ssh_host key files.
Problem Solved
I placed a copy of sshd_config into /private/etc and did sudo sshd -t
. The output gave formating errors suggesting style errors with a reference to rtf. The font was Times. I had copied the file from the Linux computer and in the process the font changed from plain text.
I changed the sshd_config file in /private/etc/ssh to plain text, toggled “Remote Login” in System Preferences > Sharing on the Mac, issued the ssh command from the Linux client, and was able to connect to the OS X host for the first time.
I hadn't come across the sshd -t
command before, so thanks Lars for bringing it to my attention and pointing me in the right direction. The solution was indeed simple, but identifying it wasn't.
Does
sudo sshd -t
on your Mac note any configuration problems? – Lars Rohrbach – 2014-10-02T04:57:30.247