Debugging SSH connection issues can be tricky and frustrating.
Common Issues & Causes
ssh_exchange_identification: Connection closed by remote host
SSHD key’s are corrupt
Connection to host does not complete due to network issue
The signature for the remote host in known_hosts is not correct
There is a problem with the SSH Daemon on the remote host
Debugging Steps
Check hosts.deny and hosts.allow and ensure that you are not blocking the client, or allowing the client if necessary
Check MaxStartups value in /etc/ssh/sshd_config, the default is 10 but something like 10:30:60 is a bit safer for ssh brute force attacks
Run ssh in debug mode.
..+ This will help to expose problems with things like keys and auth types.
1
ssh my.host.com -VVV
Watch logs on remote server (if possible)
Run sshd on separate port with debug logging to console
..+ This is a very useful step. After you start the ssh daemon on the remote host (we use a different port so that we can troubleshoot while being remote). The high port number allows you to run the sshd process as a non root user.
1
/usr/sbin/sshd -p 2121 -D -d -e
Explanation
1234
-p Set the listening port.
-D This option tells sshd to not detach and does not become a daemon. It allows for easy monitoring.
-d Enable debug mode.
-e Write logs to standard error instead of system log.