fatal: ssh_dispatch_run_fatal: Connection reset by peer [preauth]
Christian Hesse
list at eworm.de
Tue May 5 17:30:23 AEST 2015
Damien Miller <djm at mindrot.org> on Tue, 2015/05/05 12:36:
> On Mon, 4 May 2015, Christian Hesse wrote:
>
> > Hello everybody,
> >
> > I have systemd set up to listen on ssh socket (:::22), the connection is
> > handled to sshd via socket activation. Usually this works perfectly fine.
> >
> > However the service is checked from nagios. Sometimes the host logs:
> >
> > systemd[1]: Started OpenSSH Per-Connection Daemon ([::1]:60865).
> > systemd[1]: Starting OpenSSH Per-Connection Daemon ([::1]:60865)...
> > systemd[1]: Started OpenSSH Per-Connection Daemon (127.0.0.1:41286).
> > systemd[1]: Starting OpenSSH Per-Connection Daemon (127.0.0.1:41286)...
> > sshd[2854]: Connection closed by ::1 [preauth]
> > sshd[2855]: fatal: ssh_dispatch_run_fatal: Connection reset by peer
> > [preauth]
> >
> > Looks like this happens if we have two incoming connection (::1 and
> > 127.0.0.1 are checked) at the some time.
> > Why does this happen? Who's fault is it? As these are TCP connections I
> > would expect it is not a problem to know what packet belongs to what
> > connection.
>
> You might need to look at server debug output and/or tcpdumps to see
> what is going on here, but it looks like whatever is making the connections
> is gracefully closing one but unceremoniously dropping the other.
>
> BTW openssh HEAD has a more useful error message for connections closed
> by TCP reset.
Tried with HEAD from git master, but I can not reproduce it there...
I will let you know if I can give more information about what is going on.
--
main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH"
"CX:;",b;for(a/* Chris get my mail address: */=0;b=c[a++];)
putchar(b-1/(/* gcc -o sig sig.c && ./sig */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20150505/75d75fca/attachment-0001.bin>
More information about the openssh-unix-dev
mailing list