SSH Error: “ssh_exchange_identification: Connection closed by remote host”

At home, we’ve just switched from a slow (2mbps) ADSL connection to a wonderfully fast 40mbps connection provided by the excellent Origin Broadband using the South Yorkshire fibre network provided by Digital Region.

I did have a small problem though that has taken some searching to resolve so I’ll detail it here in case others find it useful.

As soon as we switched over, I couldn’t connect to my VPS over SSH. I was getting the message:

It turns out that this is due to the fact that the server contains the following entry in /etc/hosts.deny:

The OS does a Reverse DNS Lookup to check for bad domains and this line tells the system to reject connection requests to SSHd that don’t have a reverse DNS address. So it seems that my new ISP hasn’t (yet?) registered a reverse DNS address whereas my previous ISP (PlusNet) did.

You can remove that entry but that has a security implication. The better fix is to add a line to /etc/hosts.allow:

Where 1.2.3.4 should be replaced by the fixed IP address your ISP gives you. Visit WhatsMyIP.com to find out your address. If you don’t have a fixed address, you’ll probably have to do the alternative fix. The “ALL” keyword ensures that your location can access all services on the server.

I’ve made the change and it works fine. I’ve also raised a ticket to see if I will be getting a reverse DNS entry.

Update 2012-07-13: Annoyingly, I’ve had no response to my ticket with Origin Broadband. However, the fix works fine.