Howto solve ssh_exchange_identification: Connection closed by remote host error

I’ve keep getting the message “ssh_exchange_identification: Connection closed by remote host error” after I managed to finalized my CRUX linux on my decTOP box today. After enough looking into documentations, I finally found out that I need to edit the “/etc/hosts.allow” file to allow SSH connection, for example:


#/etc/hosts.allow
sshd:ALL

or for more conservative setting


#/etc/hosts.allow
sshd:LOCAL
sshd:192.168.1.0/255.255.255.0

I can connect ssh to my box normally after that.

Howto make SSH listens on multiple port

Although it is a security risks, it is possible to make OpenSSH listens on multiple port.

To do that, you need to edit /etc/ssh/sshd_config file. and enable the “GatewayPorts” option.

AllowTcpForwarding no
GatewayPorts yes
X11Forwarding no
#X11DisplayOffset 10

Look for the line that contain “Port 22”, and uncomment it if necessary, and add additional Port line to enable OpenSSH to listen to other ports. Like this:

Port 22
Port 80
Port 1025

The example will enable OpenSSH to listen to port 22,80,1025 simultaneously. Don’t forget to restart SSH service to enable the change by running :

sudo /etc/inet.d/sshd restart

Warning: Running SSH on multiple port may cause security risk, you have been warned!

Recommended Reading

How to make JavaME .jar files downloadable from Apache Web Server

Mobile application developers may have realize that one of the best (and recommended) way to distribute their JavaME/J2ME application is by hosting it on a website. This makes it easier for potential users to navigate and download the .jad or .jar files from their phone browsers and to execute it directly.

However, some web servers are not configured to handle .jar / .jad file requests, eventually leading to failed install response received by the mobile users.

To remedy this, .jad / .jar files need to be associated with the correct MIME type. In Apache, you can do this by creating ‘.htaccess’ file in your web directory, and inserting these lines :

# JavaME
AddType text/vnd.sun.j2me.app-descriptor .jad
AddType application/java-archive .jar

Afterwards, safe the file. The web server should behave accordingly when requests are made to either of these files. For other web servers, please refer to their respective manual or online-help on how to change document MIME type.

How to setup Secure Webserver HTTPS (SSL) on Apache in Ubuntu

Secure HTTP (SSL/TLS) has become a must if you are planning to setup a website which includes user authentication (ie. login box) or sensitive data. HTTPS prevents the sensitive data from being transfered across the network in clear text where it is susceptible to being sniffed or altered. Here is the tutorial on how to setup a secure HTTP on Apache web server in Ubuntu 10.04 (Lucid Lynx).

What do you need?

  • apache2 (Web Server)
  • openssl
  • A bit patient, because it will take some time to learn

Step 1: Create a self-signed certificate
You need to create a self-signed certificate with openssl. To do that you will need to generate the server key.


openssl genrsa -des3 -out server-sec.key 4096

…and certificate signing request (CSR)


openssl req -new -key server-sec.key -out server.csr

After that, generate the server certificate by signing it with the server key.

openssl x509 -req -days 365 -in server.csr -signkey server-sec.key -out server.crt

Keep the server-sec.key in a secure location, with read/write permission assigned only to root. Then generate a password-less copy of the key for Apache use.

openssl rsa -in server-sec.key -out server.key

By this time, you should have :

  • server.key (passwordless key for Apache)
  • server.csr (certificate signing request)
  • server.crt (certificate)
  • server-sec.key (server key)

Continue reading “How to setup Secure Webserver HTTPS (SSL) on Apache in Ubuntu”

Quick and Dirty Network File sharing with Python

Ever find yourself in need to share file over the network quickly, but find yourself lacking time to setup a proper NFS or samba share? Here’s a way to do this with the good old Python CLI.

  • First, go to the directory that you want to share, for example ~/Desktop
  • Then run this command "python -m SimpleHTTPServer"
  • You may access the folder from a remote computer using any webrowser using the url – http://192.168.1.20:8000, change the ip address accordingly
Simple HTTP Server
file sharing with python

You may find this technique offers limited options to share files, but its a real time saver!