
OpenSSH: cause of random kex_exchange_identification errors?



When I want to connect with SSH (ssh/scp) to some machine, I sometimes
get errors, either

kex_exchange_identification: Connection closed by remote host

or

kex_exchange_identification: read: Connection reset by peer

immediately after the connection attempt. This happens randomly,
and there are some periods where this happens quite often. The
client machine doesn't seem to matter, and this issue even
occurs from machines on the local network.

With ssh -vvv, the output ends with

debug1: Local version string SSH-2.0-OpenSSH_8.7p1 Debian-4
kex_exchange_identification: read: Connection reset by peer
Connection reset by [...] port 22

In the source, this corresponds to function kex_exchange_identification
in kex.c:

    len = atomicio(read, ssh_packet_get_connection_in(ssh),
        &c, 1);
    if (len != 1 && errno == EPIPE) {
            error_f("Connection closed by remote host");
            r = SSH_ERR_CONN_CLOSED;
            goto out;
    } else if (len != 1) {
            oerrno = errno;
            error_f("read: %.100s", strerror(errno));
            r = SSH_ERR_SYSTEM_ERROR;
            goto out;
    }

so either with EPIPE or with ECONNRESET, and this apparently occurs
before the exchange of banners.

I could reproduce the issue with telnet, which gives

[...]
Escape character is '^]'.
Connection closed by foreign host.

while one normally has

SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2

just after the "Escape character..." line.

Note that this is different from a "Connection refused". Here, the
connection is accepted, but immediately closed.

The admin of the machine could see nothing particular in the logs.
He eventually modified the MaxStartups value, but this did not
solve the issue (but AFAIK, if this were the cause, there would
have been something about it in the logs). The machine has enough
available memory.

Any idea about the possible cause of these random errors?

-- 
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
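
Added example, not part of the original post and not OpenSSH code: a small probe that separates the cases described above (refused, accepted then closed before the banner, accepted then reset before the banner, banner received) and tallies them over repeated attempts. The function names and the host name `server.example` are assumptions made for illustration.

```python
import socket
import time
from collections import Counter

def read_banner(sock):
    """Classify what a connected socket does before the SSH identification line.

    'closed_before_banner' is a clean EOF with no data (the "Connection closed
    by remote host" case); 'reset_before_banner' is ECONNRESET with no data
    (the "read: Connection reset by peer" case).
    """
    buf = b""
    try:
        while b"\n" not in buf and len(buf) < 255:
            chunk = sock.recv(255 - len(buf))
            if not chunk:          # peer closed its side
                break
            buf += chunk
    except ConnectionResetError:
        return ("reset_before_banner" if not buf else "reset_mid_banner", "")
    except socket.timeout:
        return ("timeout_waiting_for_banner", "")
    if not buf:
        return ("closed_before_banner", "")
    line = buf.split(b"\n", 1)[0].rstrip(b"\r").decode("ascii", "replace")
    return ("banner" if line.startswith("SSH-") else "unexpected_data", line)

def probe(host, port=22, timeout=5.0):
    """Open one TCP connection and report how far it got."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "")     # nothing accepted the connection
    except socket.timeout:
        return ("timeout_on_connect", "")
    except OSError as exc:
        return ("connect_error", str(exc))
    with sock:
        return read_banner(sock)

def tally(host, port=22, attempts=20, delay=1.0):
    """Repeat the probe and count outcomes, to measure how often it fails."""
    counts = Counter()
    for _ in range(attempts):
        counts[probe(host, port)[0]] += 1
        time.sleep(delay)
    return counts

if __name__ == "__main__":
    # "server.example" is a placeholder host name, not from the original post.
    print(tally("server.example"))
```

Running the tally from several clients at the same time, and comparing the timestamps of failures with the server's logs, helps show whether the early close comes from sshd itself or from something in front of it.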

