SSH Broken After Updates?

Hi everyone,

I just did a clean install of OpenSuSE 11.0 and performed all the available updates as well. After rebooting when I try to SSH into my SuSE workstation I get:

PuTTY Fatal Error

Server unexpectedly closed network connection

I don’t see anything relevant in /var/log/messages. I’ve tried rebooting and restarting the SSHD service. Any ideas?

More information:

I have tried SSH from multiple workstations; all with the same error. There are no firewalls between anything I am trying to SSH from and my SuSE box and the firewall is disabled on SuSE. I was able to SSH in before all the updates and subsequent reboot.

This used to happen to me years ago.

Try to login from a Linux computer with verbose options -v -v and/or with -2 -Y.

Also check the port on which sshd is running.

Can you login into yourself from the same PC?

SSHD is running on the default port (22) per the following information in /var/log/messages:

“Server listening on 0.0.0.0 port 22”

When I try to SSH from another SuSE box I get:

OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to maia1 [192.168.0.7] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
ssh_exchange_identification: Connection closed by remote host

If I try to SSH locally on the box having this problem I get:

OpenSSH_5.0p1, OpenSSL 0.9.8a 11 Oct 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to maia1 [127.0.0.2] port 22.
debug1: Connection established.
ssh: symbol lookup error: ssh: undefined symbol: EVP_CIPHER_CTX_key_length

More information:

I am trying to build a Maia Mailguard anti-spam gateway for my email system and one of the installation steps is to install OpenSSL-devel from the SLES 10.2 DVD. When I performed that step I got the following message:

http://www.jasonsconsulting.com/images/OpenSSLScreenshot-y2base.png

I downgraded openssl per the message and rebooted later on. That’s when all the trouble started.

Are you sure the port is open on firewall?

There’s no firewall between the workstations and my SuSE box. They are all literally plugged into the same switch on the same local LAN. I can ping, use webmin, port 80, etc. Just SSH doesn’t work.

The firewall on the SuSE box is disabled since it is not exposed to the outside internet.

Evidently there is a mismatch in packages’ versions.

Maybe, instead of
**
OpenSSL-devel from the SLES 10.2 DVD, **

you can install

**libopenssl-devel **

for openSUSE 11.0.

How about OpenSuse’s software firewall?? (YAST -> Security & Users -> Firewall -> Allowed Services)

EDIT: Nevermind… looks like this firewall is only for “External zone”. So, I guess you really don’t need to worry about it.

http://e.imagehost.org/0308/Firewall.png

I faced the same issue. It happens because of mismatch between openssl and libopenssl packages.
It will get resolved by making sure that we have proper libopenssl rpm which matches installed openssl rpm.
In my case I had to downgrade libopenssl rpm to match openssl rpm.
It should be something like this:

openssl-0.9.8h-30.11
libopenssl0_9_8-0.9.8h-30.11

How to solved this problem?

please tell me : my email : zhangtao@yixingpeople.cn