Tech | How to solve ssh_exchange_identification: Connection closed by remote host

Many a times when accessing a server via SSH you may end up with “ssh_exchange_identification: Connection closed by remote host” error message. For example:

# ssh root@testserver.com

ssh_exchange_identification: Connection closed by remote host

OR may be more descriptive error when you use the verbose mode (-v flag)

# ssh -v root@testserver.com

 OpenSSH_4.0p1, OpenSSL 0.9.7a Feb 19 2003

 debug1: Reading configuration data /etc/ssh/ssh_config

 debug1: Applying options for *

 debug1: Connecting to testserver.com [1.1.1.1] port 22.

 debug1: Connection established.

 debug1: permanently_set_uid: 0/0

 debug1: identity file /root/.ssh/identity type -1

 debug1: identity file /root/.ssh/id_rsa type -1

 debug1: identity file /root/.ssh/id_dsa type 2

The ‘ssh_exchange_identification’ issue occurs for various reasons. So to fix the issue, check the following:

1) TCP wrappers i.e. whether ssh is restricted to certain IPs in /etc/hosts.allow and /etc/hosts.deny. If yes, make sure your local IP is added in the allowed list.

Edit the /etc/hosts.allow file and add the following at the top:

sshd : yourlocalip : allow

2) The /var/empty/sshd folder should be owned by user ‘root’. Sometimes if a new application is installed, it somehow changes the ownership of the /var/empty/sshd directory resulting in ‘ssh_exchange_identification’ error message.

# chown root.root /var/empty/sshd –R

3) If the permission of the private key files are incorrect i.e. if private key files are readable by all, it also results in “ssh_exchange_identification: Connection closed by remote host” error.

For example, if any of the private key file “ssh_host_key, ssh_host_rsa_key or ssh_host_dsa_key” in /etc/ssh directory have 644 permissions, they should be set to 600.

# cd /etc/ssh

# chmod 600 ssh_host_key ssh_host_rsa_key ssh_host_dsa_key