ssh 錯誤

機器登陸發生ssh_exchange_identification: Connection closed by remote host

緣由是：

/var/empty/sshd 這個文件夾被刪

建下就ok

#!/bin/bash
touch /var/run/utmp
chmod 664 /var/run/utmp
mkdir -p /var/empty/sshd
chmod 711 /var/empty/sshd
service sshd restart

 

ssh_exchange_identification: read: Connection reset by peer

OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: connect port:22, options.port:22
debug1: Connecting to <machine_name> [10.58.94.74] port 22.
debug1: Connection established.
debug1: identity file /home/aaa/.ssh/identity type -1
debug1: identity file /home/aaa/.ssh/id_rsa type -1
debug1: identity file /home/aaa/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer

 

初步緣由鎖定：

1-服務器防火牆限定，

2-是否達到ssh的最大鏈接數，超過以後會服務器端會拒絕新的鏈接，直到有新的鏈接釋放出來

3-/etc/hosts.allow和/etc/hosts.deny配置文件限定ip登陸

4-磁盤滿了

解決方案：

1 firewall-cmd --list-all-zones

    查看pubilic.xml和ssh.xml兩個防火牆配置文件，是否放通指定ip

2 查看當天ssh遠程鏈接數，是否達到最大鏈接數

   #vim /etc/ssh/sshd_config

     #LoginGraceTime 2m    參數表示登陸驗證時間

     #MaxAuthTries 6    最大驗證重試次數

     #MaxSessions 10    最大遠程鏈接數

3 vim /etc/hosts.all和vim /etc/hosts.deny查看限定的ip

[root@cp-apache02 ssh]# cat /etc/hosts.allow 

# hosts.allowThis file contains access rules which are used to

#allow or deny connections to network services that

#either use the tcp_wrappers library or that have been

#started through a tcp_wrappers-enabled xinetd.

#

#See ‘man 5 hosts_options‘ and ‘man 5 hosts_access‘

#for information on rule syntax.

#See ‘man tcpd‘ for information on tcp_wrappers

sshd:122.10.70.66

 

4 查看ssh用戶登陸日誌/var/log/secure

    tail -20 /var/log/secure    

or

    #less /var/log/messages    查看最近系統操做信息

or

    #last    查看最近登陸日誌

Did not receive identification string from