1321 – sshd connection refused

Bug 1321 - sshd connection refused

Summary: sshd connection refused

Status:	CLOSED WORKSFORME

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	4.6p1
Hardware:	UltraSPARC Solaris

Importance:	P2 major
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2007-06-12 04:32 AEST by Annette Brady
Modified:	2008-04-04 09:59 AEDT (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Annette Brady 2007-06-12 04:32:30 AEST

When logging into ssh, I get the following at the client end - 
ssh_exhaange_identification: connection closed by remote host.

I get the following at the server end - 
sshd(25956} [ID800047 auth.error] reexec socket pair: connecton refused

This happens every day when users first try to log on.  I am able to finaly get folks logged on by doing the following (1)stopping the ssh daemon, (2)creating new keys, (3)stopping and (4) starting inetd and (5)bringing down the daemon for some time.  Finally it begins to work for some random reason and I am cluseless as to how to fix it or even provide a timely repair.  

Can you provide some guidance on how I might proceed to get this fixed.  I have also done ssd -v -v -v to get more detail which I can also share.....



I have tried modifiying a lot of stuff in to sshd_config - 
(i.e. keyregeneration, keep alive, inetd.conf ssh entry, interd.conf rexecd, recycle of network interface) ...etc.  I am just totaly perplexed as to how to fix this.
 
Thanks for your help.

Comment 1 Darren Tucker 2007-06-12 10:24:22 AEST

That's pretty weird, for a few reasons:

1) the socketpair error should be non-fatal (ie sshd should fall back to the non re-exec code in that case).

2) there's no documented reason that socketpair will set errno to ECONNREFUSED (which corresponds to the error you describe).

3) Once you have a valid hostkey, regenerating it should have no impact on whether or not sshd will start up.

4) Unless you have specifically configured sshd to run under inetd (which is uncommon) then restarting inetd should have no impact on sshd.

The only thing that I can think of (and it's a long shot) is that you're reaching a limit of file descriptors, possibly a system-wide limit.  You can try running "ulimit -h -n unlimited; ulimit -n unlimited" (exact syntax will vary depending on your shell) before restarting sshd.

You can also disable the re-exec in sshd ("/path/to/sshd -r") but if you really are hitting a descriptor limit then that will probably not solve the problem but rather change the symptoms.

BTW, which version of Solaris is this?  Do you have any descriptor-related settings in /etc/system?

Comment 2 Darren Tucker 2007-12-31 22:05:48 AEDT

If you can't (or won't) provide answers to any of the questions or try any of the suggestions then I am afraid there is not a lot we can do to help you.  Please reopen this bug if you have any further information.

Comment 3 Damien Miller 2008-04-04 09:59:49 AEDT

Close resolved bugs after release.