# ssh_exchange_identification:  Connection closed by remote host



## dave (Jan 22, 2010)

I am seeing a very high rate of SSH attack lately, as in several attempts per minute.  I am not particularly worried about break-ins, as I use hard passwords, have very few user accounts and use denyhosts to block persistent attempts.  But, as of today, I am receiving this error when trying to connect to two separate machines...


```
ssh_exchange_identification: Connection closed by remote host
```

I guess this is due to too many concurrent connections?

Am I going to have to head down to the data center and change my config?  IF so, what to do?

Thanks in advance.


----------



## SirDice (Jan 22, 2010)

Instead of using denyhosts by hand, install security/sshguard-pf.


----------



## anomie (Jan 22, 2010)

That message may indicate that _your_ host(s) or subnets have been added to the sshd deny list in /etc/hosts.allow.


----------

