ssh 错误

机器登陆发生ssh_exchange_identification: Connection closed by remote host

缘由是：

/var/empty/sshd 这个文件夹被删

建下就ok

#!/bin/bash
touch /var/run/utmp
chmod 664 /var/run/utmp
mkdir -p /var/empty/sshd
chmod 711 /var/empty/sshd
service sshd restart

 

ssh_exchange_identification: read: Connection reset by peer

OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: connect port:22, options.port:22
debug1: Connecting to <machine_name> [10.58.94.74] port 22.
debug1: Connection established.
debug1: identity file /home/aaa/.ssh/identity type -1
debug1: identity file /home/aaa/.ssh/id_rsa type -1
debug1: identity file /home/aaa/.ssh/id_dsa type -1
ssh_exchange_identification: read: Connection reset by peer

 

初步缘由锁定：

1-服务器防火墙限定，

2-是否达到ssh的最大链接数，超过以后会服务器端会拒绝新的链接，直到有新的链接释放出来

3-/etc/hosts.allow和/etc/hosts.deny配置文件限定ip登陆

4-磁盘满了

解决方案：

1 firewall-cmd --list-all-zones

    查看pubilic.xml和ssh.xml两个防火墙配置文件，是否放通指定ip

2 查看当天ssh远程链接数，是否达到最大链接数

   #vim /etc/ssh/sshd_config

     #LoginGraceTime 2m    参数表示登陆验证时间

     #MaxAuthTries 6    最大验证重试次数

     #MaxSessions 10    最大远程链接数

3 vim /etc/hosts.all和vim /etc/hosts.deny查看限定的ip

[root@cp-apache02 ssh]# cat /etc/hosts.allow 

# hosts.allowThis file contains access rules which are used to

#allow or deny connections to network services that

#either use the tcp_wrappers library or that have been

#started through a tcp_wrappers-enabled xinetd.

#

#See ‘man 5 hosts_options‘ and ‘man 5 hosts_access‘

#for information on rule syntax.

#See ‘man tcpd‘ for information on tcp_wrappers

sshd:122.10.70.66

 

4 查看ssh用户登陆日志/var/log/secure

    tail -20 /var/log/secure    

or

    #less /var/log/messages    查看最近系统操做信息

or

    #last    查看最近登陆日志

Did not receive identification string from