Hello

I've seen this problem adressed many times but never found a suitable
answer. Here is a brief description :
An ssh client tries to connect to a sshd server, and it works most of
the time. But sometimes, and it's fairly impossible to predict (and
obviously to reproduce), the connexion fails with a message that said :

ssh_exchange_identification: read: A connection with a remote socket
was reset by that socket.

In my configuration, i had constated that the problem is more likely to
occur when there are multiple concurrent connexions on the sshd. I had
done what i can to lessen this number, but now it comes again.

I have seen two options in the manual page : ClientAliveCountMax and
ClientAliveInterval. Could someone tell me if they may be related to
the problem, or not ? They are not present in the ssd_config file on my
server, so their default values (resp. 3 and 0) applies.

Unfortunately, i can't debug the problem as i would because the
environnement can't easily be changed.

Version of the software is OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
on AIX 5.3 (client and server are on the same type of soft/hardware).

Thanks for any or clue.

Denis Valdenaire

reply to self : i have understand since that "client alive messages"
will not be sent because ClientAliveInterval is set to zero.

This has nothing to do with the problem so far.


Joe Linux wrote:
> Hello
>
> I've seen this problem adressed many times but never found a suitable
> answer. Here is a brief description :
> An ssh client tries to connect to a sshd server, and it works most of
> the time. But sometimes, and it's fairly impossible to predict (and
> obviously to reproduce), the connexion fails with a message that said :
>
> ssh_exchange_identification: read: A connection with a remote socket
> was reset by that socket.
>
> In my configuration, i had constated that the problem is more likely to
> occur when there are multiple concurrent connexions on the sshd. I had
> done what i can to lessen this number, but now it comes again.
>
> I have seen two options in the manual page : ClientAliveCountMax and
> ClientAliveInterval. Could someone tell me if they may be related to
> the problem, or not ? They are not present in the ssd_config file on my
> server, so their default values (resp. 3 and 0) applies.
>
> Unfortunately, i can't debug the problem as i would because the
> environnement can't easily be changed.
>
> Version of the software is OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004
> on AIX 5.3 (client and server are on the same type of soft/hardware).
>
> Thanks for any or clue.
>
> Denis Valdenaire

On 2006-10-17, Joe Linux <dvaldenaire@gmail.com> wrote:
> Hello
>
> I've seen this problem adressed many times but never found a suitable
> answer. Here is a brief description :
> An ssh client tries to connect to a sshd server, and it works most of
> the time. But sometimes, and it's fairly impossible to predict (and
> obviously to reproduce), the connexion fails with a message that said :
>
> ssh_exchange_identification: read: A connection with a remote socket
> was reset by that socket.

That's a symptom of the server dropping the connection immediately after
accept()ing it. Typical causes are a) tcpwrappers (if it happens all the
time, so probably not in your case unless you have NAT pool or something),
b) reaching the maximum number of unauthenticated connections, or c)
the sshd process dying for some reason.

> In my configuration, i had constated that the problem is more likely to
> occur when there are multiple concurrent connexions on the sshd. I had
> done what i can to lessen this number, but now it comes again.

Sounds like b). Try increasing the MaxStartups setting in sshd_config
and restarting sshd. The default is 10 so try 20 or 30.

--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.