Re: OpenSSH: cause of random kex_exchange_identification errors?
On Wednesday, 2 February 2022, 15:44:32 CET, Vincent Lefevre wrote:
Sounds weird. I wonder if there is a typo. Your message beginning with
kex_exchange_identif....
looks to me like a typo. I would have expected "key_exchange_....".
However, I did not check this, and maybe this is correct.
On the other side, maybe this typo causes (if it is really a typo!) some
weird behaviour.
As I said, I may be wrong, but this is what I saw at once.
Other reasons might be a timing problem on the network. Maybe you can take a
look with wireshark or similar, if there are network problems.
Got this one day on my wireless part, had lots of packets to be recalled,
which I did only see with wireshark and could not be noticed during normal
internet use.
Just some ideas.....
Does this help? Guess, not really....
Best regards
Hans
> When I want to connect with SSH (ssh/scp) to some machine, I sometimes
> get errors, either
>
> kex_exchange_identification: Connection closed by remote host
>
> or
>
> kex_exchange_identification: read: Connection reset by peer
>
> immediately after the connection attempt. This happens randomly,
> and there are some periods where this happens quite often. The
> client machine doesn't seem to matter, and this issue also even
> occurs from machines on the local network.
>
> With ssh -vvv, the output ends with
>
> debug1: Local version string SSH-2.0-OpenSSH_8.7p1 Debian-4
> kex_exchange_identification: read: Connection reset by peer
> Connection reset by [...] port 22
>
> In the source, this corresponds to function kex_exchange_identification
> in kex.c:
>
>     len = atomicio(read, ssh_packet_get_connection_in(ssh),
>         &c, 1);
>     if (len != 1 && errno == EPIPE) {
>         error_f("Connection closed by remote host");
>         r = SSH_ERR_CONN_CLOSED;
>         goto out;
>     } else if (len != 1) {
>         oerrno = errno;
>         error_f("read: %.100s", strerror(errno));
>         r = SSH_ERR_SYSTEM_ERROR;
>         goto out;
>     }
>
> so either with EPIPE or with ECONNRESET, and this apparently occurs
> before the exchange of banners.
>
> I could reproduce the issue with telnet, which gives
>
> [...]
> Escape character is '^]'.
> Connection closed by foreign host.
>
> while one normally has
>
> SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2
>
> just after the "Escape character..." line.
>
> Note that this is different from a "Connection refused". Here, the
> connection is accepted, but immediately closed.
>
> The admin of the machine could see nothing particular in the logs.
> He eventually modified the MaxStartups value, but this did not
> solve the issue (but AFAIK, if this were the cause, there would
> have been something about it in the logs). The machine has enough
> available memory.
>
> Any idea about the possible cause of these random errors?
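
The telnet test described in the quoted message can be scripted so that repeated runs record which of the two failures occurred before the server banner. This is an added example, not part of the thread or of OpenSSH; probe_banner and fake_server are names made up here, and fake_server is a constructed loopback listener standing in for the remote machine.

```python
import socket, struct, threading

def probe_banner(host, port, timeout=5.0):
    """Return (outcome, banner) for what the server does before its SSH banner."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", None)              # nothing listening: not the case in the thread
    except OSError as e:
        return ("connect-error: %s" % e, None)
    with sock:
        buf = b""
        try:
            while b"\n" not in buf and len(buf) < 255:
                chunk = sock.recv(256)
                if not chunk:                 # EOF: ssh reports "Connection closed by remote host"
                    return ("closed-before-banner", None)
                buf += chunk
        except ConnectionResetError:          # RST: ssh reports "read: Connection reset by peer"
            return ("reset-before-banner", None)
        except socket.timeout:
            return ("banner-timeout", None)
    line = buf.split(b"\n", 1)[0].rstrip(b"\r").decode("ascii", "replace")
    return ("banner" if line.startswith("SSH-") else "unexpected-data", line)

def fake_server(mode):
    """Constructed loopback listener for the demo: mode is 'banner', 'close' or 'reset'."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if mode == "banner":
            conn.sendall(b"SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2\r\n")
        elif mode == "reset":                 # linger 0 makes close() send RST instead of FIN
            conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack("ii", 1, 0))
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    for mode in ("banner", "close", "reset"):
        print(mode, "->", probe_banner("127.0.0.1", fake_server(mode)))
```

Run against the real host in a loop with timestamps, the outcomes can be lined up with the server's logs for the same moments.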