SSH Server unexpectedly closed network connection

      No Comments on SSH Server unexpectedly closed network connection

While connecting the Linux server through putty, following error occurred. SSHD server unexpectedly closed network connection

Error log:

tail -f /var/log/audit/audit.log

type=USER_AUTH msg=audit(1292432614.589:14079): user pid=5965 uid=0 auid=0 ses=1 msg=’op=PAM:authentication acct=”user” exe=”/usr/sbin/sshd” hostname= addr= terminal=ssh res=success’
type=USER_ACCT msg=audit(1292432614.598:14080): user pid=5965 uid=0 auid=0 ses=1 msg=’op=PAM:accounting acct=”user” exe=”/usr/sbin/sshd” hostname= addr= terminal=ssh res=failed’
type=USER_LOGIN msg=audit(1292432614.600:14081): user pid=5965 uid=0 auid=0 ses=1 msg=’op=login acct=”user” exe=”/usr/sbin/sshd” hostname=? addr= terminal=sshd res=failed’

There may be several reasons for the error. Try the following trouble shoot methods.

Solution #1

#touch /etc/environment
creates the file

Solution #2
Check /etc/hosts.deny file for any ip / host blocking.

Solution #3

Check the authentication method, After modifying the pam.d it started working.

#cd /etc/pam.d
#vim  system-auth-ac

auth        required
auth        sufficient nullok try_first_pass
auth        requisite uid >= 500 quiet
auth        sufficient use_first_pass
auth        sufficient use_first_pass nolocal
auth        required

account     required broken_shadow
account     sufficient
account     sufficient uid < 500 quiet
account     [default=bad success=ok user_unknown=ignore]
account     required

password    requisite try_first_pass retry=3
password    sufficient sha512 shadow nullok try_first_pass use_authtok
password    sufficient use_authtok
password    required

session     optional revoke
session     required
session     [success=1 default=ignore] service in crond quiet use_uid
session     required
session     optional

#vim sshd

auth       include      system-auth
account    required
account    include      system-auth
password   include      system-auth
# close should be the first session rule
session    required close
session    include      system-auth
session    required
# open should only be followed by sessions to be executed in the user context
session    required open env_params
session    optional force revoke