# SSH Problems Today

## cheops2006

Hi,

This morning I did an emerge -uDavN world and it got a new baselayout after updating some config files I could no longer SSH into my box it kept saying connection refused! After investigating the log file it seems that someone has been sending false names to my box upto 40000 login requests through ssh, is there some failsafe that stops ssh working and locking out the account root? I have no idea what to do I just want to get back in my box remotely.

the error I get is 

Connection Refused

Anyone help 

Ade.

----------

## sobers_2002

denyhosts is the utility that you are looking for. I don't know if In the present scenario getting the ssh to work from outside is possible.

----------

## cheops2006

Thanks for replying

Will this utility fix my problem of not being able to get into my machine at present?

----------

## nms

The most likely cause of sshd shutting itself down after a world update is that something that sshd was linked against has changed (i.e. been updated). Examples of such packages are glibc and pam. Try rebuilding your ssh package and see what happens.

I doubt very much that this problem will can even be diagnosed, let alone solved from a remote system - you will most likely need physical access to the machines console.

----------

## sobers_2002

webmin is another utility which comes in handy when remote configuration / system administration is needed. As nms pointed above, rebuild openssh and see if problem goes away. The present error should be visible when you try to start sshd.

----------

## Truin

 *cheops2006 wrote:*   

> This morning I did an emerge -uDavN world and it got a new baselayout after updating some config files I could no longer SSH into my box it kept saying connection refused! After investigating the log file it seems that someone has been sending false names to my box upto 40000 login requests through ssh, is there some failsafe that stops ssh working and locking out the account root? I have no idea what to do I just want to get back in my box remotely.
> 
> 

 

I'm curious to know what false names you've seen in your logs....  just curious.

Anyway, I'm betting that pam was updated as part of your "--update --deep --newuse", and as the QA notice says during the emerge of pam "if you're running sshd, restart it or you might run into login problems."  So, my suggestion would be to do a `/etc/init.d/sshd restart` and see if that fixes it.

(side note - exact same thing happened to me about 10 minutes ago)

(update - I'm an idiot.   :Sad:   I'm having the same issue - connection refused.  My box is still updating itself, I'll let you know if/when I find a fix.)

----------

## hitachi

this also looks very good to protect you against ssh login atacks.

http://blinkeye.ch/mediawiki/index.php/SSH_Blocking

----------

## Headrush

I'm having the same problems and port 22 is blocked on my firewall. 

I don't think this is related to outside attacks. Something has changed with one of the recent updates that caused this. (baselayout, openssl, qca-tls)

Going back to the older versions doesn't work now and the problems can be seen in ssh, kopete jabber using ssl also.

I have recompiled all these apps and any the seem to rely on then to no avail.

Still search for an answer and determination which package is the culprit.

----------

## cheops2006

At least I wasn't alone with this problem then!

I deleted /etc/ssh and re-emerged openssh and the problem went away works fine now I think it was a problem with openssl don't ask me why I don't know but at least its working now.

Thanks to everyone for there support

Ade.

----------

## Make

I had same problems as others when I ran 'emerge -uaDvN'. It reinstalled openssl with new use flag 'sse2' and I think that caused the problems with ssh and other programs that use openssl. I fixed it running 

```
revdep-rebuild --library libssl.so.0.9.8 && revdep-rebuild --library libcrypto.so.0.9.8.
```

  -- Markku

----------

## Truin

Finally got mine fixed.  I re-emerged pam and openssh, and voila!  All is fixed.

I have 5 more systems to update, I'll let you know if I run into this again.  :Smile: 

```
emerge -av pam openssh
```

----------

## Robert S

Just reporting a similar problem after an "emerge -avDuN world".  ssh resulted in a segmentation fault when run fron the command line.  Fixed it by emerging openssh again.

----------

## rigo

 *Robert S wrote:*   

> Just reporting a similar problem after an "emerge -avDuN world".  ssh resulted in a segmentation fault when run fron the command line.  Fixed it by emerging openssh again.

 Same as you. The breaking package is openssl, updated from version 0.9.8c to 0.9.8c-r1.

I think this shouldn't happen without any notice to the system administrator. Did anybody post a bug report for this?

----------

## .:chrome:.

 *cheops2006 wrote:*   

> This morning I did an emerge -uDavN world and it got a new baselayout after updating some config files I could no longer SSH into my box it kept saying connection refused! After investigating the log file it seems that someone has been sending false names to my box upto 40000 login requests through ssh, is there some failsafe that stops ssh working and locking out the account root? I have no idea what to do I just want to get back in my box remotely.

 

your error depends the new version of openSSL

re-emerge it without sse2 USE flag, emerge the new 0.9.8c-r1 package, or recompile openSSH

----------

