SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT
I am able to connect to a local LAN SSH/SFTP (OpenSSH) server without issue. Remote network is unable to connect with same network/WinSCP settings, and I'm able to see the connection attempts through the firewall (unblocked). The remote client gets through DH key exchange, and exchanges RSA fingerprints. Then a message I can't find anything online about:
SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT
My login attempts are logged, but the remote user's are not. The remote user's IP is in hosts.allow, connections are allowed in iptables, SFTP works locally. The remote site is forced to use WinSCP v3.8.1 (non-negotiable), and that version works locally. An error pops up "Authentication Failed". Here is the error log from the remote host:
This problem is killing me. Thanks for the help!
SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT
My login attempts are logged, but the remote user's are not. The remote user's IP is in hosts.allow, connections are allowed in iptables, SFTP works locally. The remote site is forced to use WinSCP v3.8.1 (non-negotiable), and that version works locally. An error pops up "Authentication Failed". Here is the error log from the remote host:
. 2011-02-17 09:33:37.604 -------------------------------------------------------------------------- . 2011-02-17 09:33:37.604 WinSCP Version 3.8.1 (Build 328) (OS 5.1.2600 Service Pack 3) . 2011-02-17 09:33:37.604 Login time: Thursday, February 17, 2011 9:33:37 AM . 2011-02-17 09:33:37.604 -------------------------------------------------------------------------- . 2011-02-17 09:33:37.620 Session name: session . 2011-02-17 09:33:37.620 Host name: x.x.x.2 (Port: 22) . 2011-02-17 09:33:37.620 User name: user (Password: Yes, Key file: No) . 2011-02-17 09:33:37.620 Transfer Protocol: SFTP (SCP) . 2011-02-17 09:33:37.620 SSH protocol version: 2; Compression: No . 2011-02-17 09:33:37.620 Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: No . 2011-02-17 09:33:37.620 Ciphers: aes,blowfish,3des,WARN,des; Ssh2DES: No . 2011-02-17 09:33:37.620 Ping type: -, Ping interval: 30 sec; Timeout: 15 sec . 2011-02-17 09:33:37.636 SSH Bugs: -,-,-,-,-,-,-,- . 2011-02-17 09:33:37.636 SFTP Bugs: -,-,- . 2011-02-17 09:33:37.636 Proxy: none . 2011-02-17 09:33:37.636 Return code variable: Autodetect; Lookup user groups: Yes . 2011-02-17 09:33:37.636 Shell: default, EOL: 0 . 2011-02-17 09:33:37.636 Local directory: default, Remote directory: home, Update: No, Cache: Yes . 2011-02-17 09:33:37.636 Cache directory changes: Yes, Permanent: Yes . 2011-02-17 09:33:37.636 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes . 2011-02-17 09:33:37.636 Alias LS: No, Ign LS warn: Yes, Scp1 Comp: No . 2011-02-17 09:33:37.651 -------------------------------------------------------------------------- . 2011-02-17 09:33:37.651 Looking up host "x.x.x.2" . 2011-02-17 09:33:37.651 Connecting to x.x.x.2 port 22 . 2011-02-17 09:33:37.792 Server version: SSH-2.0-OpenSSH_4.6 . 2011-02-17 09:33:37.792 We claim version: SSH-2.0-WinSCP_release_3.8.1 . 2011-02-17 09:33:37.792 Using SSH protocol version 2 . 2011-02-17 09:33:37.870 Doing Diffie-Hellman group exchange . 2011-02-17 09:33:38.136 Doing Diffie-Hellman key exchange . 2011-02-17 09:33:38.464 Host key fingerprint is: . 2011-02-17 09:33:38.464 ssh-rsa 1024 55:5d:96:77:c2:d9:6e:91:e9:ef:c3:ad:b4:74:c5:a0 . 2011-02-17 09:33:38.464 Initialised AES-256 client->server encryption . 2011-02-17 09:33:38.464 Initialised HMAC-SHA1 client->server MAC algorithm . 2011-02-17 09:33:38.464 Initialised AES-256 server->client encryption . 2011-02-17 09:33:38.464 Initialised HMAC-SHA1 server->client MAC algorithm ! 2011-02-17 09:33:38.651 Using username "user". ! 2011-02-17 09:33:38.714 Using keyboard-interactive authentication. ! 2011-02-17 09:33:38.714 The remote server has presented the following fingerprint: ! 2011-02-17 09:33:38.714 55:fc:aa:d1:fa:b7:0f:6f:fa:ef:2e:b9:9b:92:a7:d8 . 2011-02-17 09:33:38.714 Do you accept the key? (yes/NO): prompt from server . 2011-02-17 09:33:38.729 Responding with stored password. ! 2011-02-17 09:33:38.729 Authenticating with pre-entered password. . 2011-02-17 09:33:38.761 Received disconnect message (SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT) . 2011-02-17 09:33:38.761 Disconnection message text: Connection to ths server is not allowed. . 2011-02-17 09:33:38.761 Server sent disconnect message . 2011-02-17 09:33:38.761 type 1 (SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT): . 2011-02-17 09:33:38.761 "Connection to ths server is not allowed." * 2011-02-17 09:33:38.776 (ESshFatal) Authentication failed. * 2011-02-17 09:33:38.776 Authentication log (see session log for details): * 2011-02-17 09:33:38.776 Using username "user". * 2011-02-17 09:33:38.776 Using keyboard-interactive authentication. * 2011-02-17 09:33:38.776 The remote server has presented the following fingerprint: * 2011-02-17 09:33:38.776 55:fc:aa:d1:fa:b7:0f:6f:fa:ef:2e:b9:9b:92:a7:d8 * 2011-02-17 09:33:38.776 Authenticating with pre-entered password. * 2011-02-17 09:33:38.776 * 2011-02-17 09:33:38.792 Server sent disconnect message * 2011-02-17 09:33:38.792 type 1 (SSH_DISCONNECT_HOST_NOT_ALLOWED_TO_CONNECT): * 2011-02-17 09:33:38.792 "Connection to ths server is not allowed."
