unable to establish ssh connection to EC2 Windows 2003 Server- no data exchanged after TCP handshake

I get the following error after 5 seconds of starting Putty trying to connect to a Windows 2003 server hosted on Amazon EC2.
"Server unexpectedly closed network connection"

This is happening on just one client->server combination. I am attaching all the data - before
that, let me state what the problem is NOT.

1. Not a firewall issue ( I can ssh from the same client to all other servers in the same EC2 group )
2. Not a key issue ( I can ssh from a different client to the same server with the same key )

On the network, after the initial TCP handshake, nothing happens for 5 seconds
( verified on both client and server ). Then the server resets the TCP connection.
No data is exchanged. The SSH protocol version packet which is supposed to
arrive from the server after the connection establishment is never sent.

The config files on the server are as below-

$ cat /etc/hosts.allow
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.
#               CYGWIN note: if you use a software firewall (such
#               as ZoneAlarm or the "Windows Firewall" in Windows
#               XP), you must also open a 'hole' at the proper
#               port for the services you enable below.
ALL : localhost : allow
sshd: ALL

$ cat /etc/hosts.deny
# hosts.deny    This file describes the names of the hosts which are
#               *not* allowed to use the local INET services, as decided
#               by the '/usr/sbin/tcpd' server.

$ cat /etc/sshd_config
#       $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/bin:/usr/sbin:/sbin:/usr/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

Port 22
#AddressFamily any
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh_host_rsa_key
#HostKey /etc/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
StrictModes no
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
#UsePAM no

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem       sftp    /usr/sbin/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#       X11Forwarding no
#       AllowTcpForwarding no
#       ForceCommand cvs server

There is nothing in the /var/log/sshd.log.
Who is Participating?
TheJoeShmoeConnect With a Mentor Author Commented:
I found the problem and note it here if it helps anyone in future. I had given up and
found the problem quite accidentally while examining the Windows system event
log ( C:\windows\system32\eventvwr.msc ).

There were many red error messages from "sshd". Each one had the following
text =
"can't verify hostname: gethostbyname(ABTS-North-Dynamic-".
 And some other stuff.

In my hosts.allow file, I had allowed ALL for sshd, so it was not a simple denial
issue. The problem was that sshd was trying to call gethostbyname() on the
above host ( which I assume is my ISP's machine ) and failing. I added it to
the /etc/hosts file as follows -       ABTS-North-Dynamic-

and everything works fine. So it was not a firewall or other clientside issue,
as I had suspected, nor a key issue ( all these were eliminated by my tests
as possible problem causes as explained in my problem statement ). It was
something in my ISP that was causing the problem. When I connected through
other ISPs to the same server, everything was working fine.

Hope this helps someone.
I am confused..
you said it is a windows 2003 server, yet proceed to detail a linux configuration.
something must be incorrect...

If it really is a windows 2003 server, then you need to connect to it via RDP as by default no sshd is installed on windows images.

TheJoeShmoeAuthor Commented:
I have installed Cygwin on the Windows 2003 Server. Surely that was apparent from the multiple places where the word "CYGWIN" can be found in my problem statement?
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

meh, was not apparent to me, seemed like standard conf notes.
sorry, I can't help here :( never ran sshd out of cygwin
try to install a windows native sshd - they actually work pretty well
TheJoeShmoeAuthor Commented:
It is a native sshd, if by native you mean Win32 app.
And it works fine against clients on other machines.
I was looking for some insight on why a ssh server would not send the Server protocol
packet after the tcp handshake.
try to install a fresh putty on a different PC to eliminate client side problems.

I recommend PAQ and refund in order for the solution to be helpful to others in the future
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.