8

Connecting to my server has never been a problem. But now I've added a mesh router in bridge mode to my regular router, and when I try to ssh to my server, sometimes it works fine, and other times the connection is closed at initiation with:

kex_exchange_identification: Connection closed by remote host

This is only when I am first trying to connect - on the times it succeeds in connecting, it stays connected just fine.

It also seems to fail more often with scp than ssh, which I find odd, but could just be my own non-statistical impressions...

I'm guessing the bridge mode is randomly getting in the way of the ssh and killing the connection, any thoughts?

David Ljung Madison Stellar
  • 662

1 Answers1

0

I found this question from searching the web, because I was seeing the same error message and had no idea what it meant or what was causing it.

For me, the cause was having turned Intrusion Protection on in my Unifi Network controller. Some sort of firewall was incorrectly flagging my everyday SSH connection as a "Potential SSH Scan" and blocking it.

Threat Management Alert 2: Attempted Information Leak. Signature ET SCAN Potential SSH Scan OUTBOUND. From: 192.168.xxx.xxx:58944, to: 192.168.xxx.xxx:22, protocol: TCP

Rather than disable this additional helpful layer of network protection, I decided to temporarily whitelist the IP address for the development machine that is trusted to bypass these checks. Once whitelisted, everything was OK.

I'm uncertain if bridge mode alone would cause this, but my experience is similar to yours in that a piece of networking equipment was intercepting and prematurely terminating the connection before it made it outside of my LAN.

John James Jacoby
  • 1