Skip to Main Content
Forums

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Connection closed port 22 when using ssh.

Kinjan BhavsarSep 3 2021

Hi All,
When I am trying to connect ssh using putty from Windows host to Oracle Linux VM, I keep on getting Connection closed by 192.168.56.102 port 22. I tried to allow port 22 in firewall and I also tried disabling the firewall entirely but still it didn't work for me. I am adding the output below

Microsoft Windows [Version 10.0.19043.1165]
(c) Microsoft Corporation. All rights reserved.


C:\WINDOWS\system32>ssh -v oracle@rac1.localdomain
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug1: Connecting to rac1.localdomain [192.168.56.102] port 22.
debug1: Connection established.
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_rsa type 0
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_rsa-cert type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_dsa type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_dsa-cert type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_ecdsa type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_ecdsa-cert type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_ed25519 type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_ed25519-cert type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_xmss type -1
debug1: identity file C:\\Users\\iTouchVision Valsad/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4
debug1: match: OpenSSH_7.4 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to rac1.localdomain:22 as 'oracle'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:WK8mNDtZuXZvVRyBqlOGaEBqIovFkiYyMoWOdpD2GDw
debug1: Host 'rac1.localdomain' is known and matches the ECDSA host key.
debug1: Found key in C:\\Users\\iTouchVision Valsad/.ssh/known_hosts:4
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory
debug1: Will attempt key: C:\\Users\\iTouchVision Valsad/.ssh/id_rsa RSA SHA256:MHqLgAs/401UOe0RgzDocbzvH97GCqMbSRXYp0ZIdTY
debug1: Will attempt key: C:\\Users\\iTouchVision Valsad/.ssh/id_dsa
debug1: Will attempt key: C:\\Users\\iTouchVision Valsad/.ssh/id_ecdsa
debug1: Will attempt key: C:\\Users\\iTouchVision Valsad/.ssh/id_ed25519
debug1: Will attempt key: C:\\Users\\iTouchVision Valsad/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Next authentication method: publickey
debug1: Offering public key: C:\\Users\\iTouchVision Valsad/.ssh/id_rsa RSA SHA256:MHqLgAs/401UOe0RgzDocbzvH97GCqMbSRXYp0ZIdTY
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password
debug1: Trying private key: C:\\Users\\iTouchVision Valsad/.ssh/id_dsa
debug1: Trying private key: C:\\Users\\iTouchVision Valsad/.ssh/id_ecdsa
debug1: Trying private key: C:\\Users\\iTouchVision Valsad/.ssh/id_ed25519
debug1: Trying private key: C:\\Users\\iTouchVision Valsad/.ssh/id_xmss
debug1: Next authentication method: password
debug1: read_passphrase: can't open /dev/tty: No such file or directory
oracle@rac1.localdomain's password:
Connection closed by 192.168.56.102 port 22

I tried to ping to VM and it works correctly but not sure why I keep on getting this error while using ssh.

Comments

EdStevens

Note to others - this is a branch question of another issue I've been helping Kinjan with in another forum space. I'd just like to add that he and I both would appreciate any help that can be provided here.

Nik

Hi.
This log show that:
1. SSH can establish connections

.debug1: Connecting to rac1.localdomain [192.168.56.102] port 22
.debug1: Connection established.

2. You have problem with authorization.
System can not authorize via public keys and try use password authorization.
Is not clear: Can you enter passwords or not ?
Are You sure that you have valid password?
Can you login to this host from other system?

In any case it's look like problem with ssh-server or security configuration.
Check /var/log/messages and /var/log/secure files on server side.

Regards,
Nik

Kinjan Bhavsar

HI @nik5 ,
I have only 1 system with me and I have given the password which I use to log in when I directly connect to oracle user from the VM.
Also, what I need to check exactly in /var/log/messages and /var/log/secure files?

Nik

Hi.
Login directly to vm. Switch to user root.
Check user ID for oracle user. ( grep oracle /etc/passwd )
Check configuration pam modules. ( grep uid /etc/pam.d/sshd /etc/pam.d/password-auth )
Start tail -f /var/log/secure on VM and try login to VM via ssh.
You should see logs from sshd.
Try create new user and check access for new user.
Regards, Nik

Kinjan Bhavsar

Hi Nik ,
It worked now not sure why it didn't work before as I was following the same process previously also. Do you think, it might be to do something from your statements?
After running the command, which you have suggested, I got the following output

[root@rac1 ~]# grep oracle /etc/passwd
oracle:x:54321:54321::/home/oracle:/bin/bash
[root@rac1 ~]# grep uid /etc/pam.d/sshd /etc/pam.d/password-auth
/etc/pam.d/sshd:session    required     pam_loginuid.so
/etc/pam.d/password-auth:auth        requisite     pam_succeed_if.so uid >= 1000 quiet_success
/etc/pam.d/password-auth:account     sufficient    pam_succeed_if.so uid < 1000 quiet
/etc/pam.d/password-auth:session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
[root@rac1 ~]# tail -f /var/log/secure


image.pngThanks

Nik

Hi.
It's good news that system work now, but not clear what cause this problem.
All provided commands just read some information and nothing change.
We find oracle's UID: 54321.
Find that PAM require UID more 1000.
You can read previous lines at security.log file about sshd for find reason session disconnect.

Regards.
Nik

1 person found this helpful
EdStevens

Kinjan -
Looks like (from your screen shot) that you decided to use PuTTY for your ssh client. I think you'll like it, vs. the native ssh included with Windblows. Poke around in putty and you'll see that you can define local logging for each session, and copy and paste is much easier.
Glad you seem to have gotten it working. Sorry I wasn't more help on this issue. I've never run into that issue before. Everything I showed you in the original thread always 'just worked' for me.

1 person found this helpful
1 - 7

Post Details

Added on Sep 3 2021
#linux, #oracle-linux
7 comments
10,093 views
1 mention