If you’re having trouble connecting to a remote machine, you might see the error message “ssh_exchange_identification: read: connection reset by peer.” This article will help you determine the root cause of the problem and fix it.
What Causes the “connection reset by peer” Error?
Several potential causes exist for the “ssh_exchange_identification: read: connection reset by peer” error. The most common reasons are listed below.
One possible cause is that the SSH daemon's configuration file has been modified. If this is the case, you can try restoring the original file or contact your system administrator for assistance.
Another possibility is that your firewall rules or intrusion prevention software have blocked your IP address. This can be resolved by updating the firewall rules or whitelisting your IP address in the intrusion prevention software.
A third potential reason for this error message is Host-Based Access Control Lists (HBAC). In some cases, the connection may be blocked by security policies. If this is the case, you will need to contact your system administrator to resolve the issue.
Method 1: Check the hosts.deny and hosts.allow Files
Edit the hosts.deny File
The hosts.deny and hosts.allow files are used to allow or deny connections. They act as a security precaution that restricts which hostnames or IP addresses may connect to the remote system. Connect to your remote server and open the hosts.deny file:
sudo nano /etc/hosts.deny
Any IP address or hostname listed in this file is denied access to the remote server. If you don’t want to block an IP address or hostname, remove it from the hosts.deny file.
Edit the hosts.allow File
Edit the hosts.allow file by running this command:
sudo nano /etc/hosts.allow
To enable access to remote servers, you must add their IP addresses and hostnames to the hosts.allow file. Entries in the hosts.allow file act as exceptions to the settings in the hosts.deny file.
For example, creating a policy in the hosts.deny file that restricts access to all hosts is one way to increase security. Then, you can add specific IP addresses and hostnames to the hosts.allow file to allow access for remote servers.
For example, a strict security policy in the /etc/hosts.deny file would deny access to all hosts:
sshd : ALL
ALL : ALL
In the /etc/hosts.allow file, you may add a single IP address, an IP range, or a hostname to the list of permitted connections. Add the following line to allow only the specified IP addresses to connect via SSH with your remote server:
sshd : 220.127.116.11, LOCAL
After making your changes, save and close the file. Then, try connecting again from your remote system.
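As an added illustration (not part of the original article and not the TCP Wrappers code itself), the following script models the order in which the two files are consulted: hosts.allow first, then hosts.deny, with access granted when neither matches. The function names, the temporary files and the address 198.51.100.7 are assumptions made for the example; only ALL, exact IPv4 addresses and prefixes ending in a dot are modelled.

```sh
#!/bin/sh
# Added example: simplified model of the hosts.allow / hosts.deny decision.
# Client patterns handled: ALL, an exact IPv4 address, a prefix ending in "."
# (such as 192.0.2.). LOCAL, hostnames, netmasks and EXCEPT are not modelled.

# rule_matches FILE DAEMON IP: exit status 0 if a line in FILE matches.
rule_matches() {
    awk -v daemon="$2" -v ip="$3" '
        function in_list(list, value, prefix_ok,    i, k, item) {
            gsub(/,/, " ", list)                 # items are comma or blank separated
            k = split(list, item, " ")
            for (i = 1; i <= k; i++) {
                if (item[i] == "ALL" || item[i] == value) return 1
                if (prefix_ok && item[i] ~ /\.$/ && index(value, item[i]) == 1) return 1
            }
            return 0
        }
        /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
        {
            if (split($0, f, ":") < 2) next      # daemon_list : client_list
            if (in_list(f[1], daemon, 0) && in_list(f[2], ip, 1)) { found = 1; exit }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# tcpw_decision ALLOW_FILE DENY_FILE DAEMON IP: prints "allow" or "deny".
tcpw_decision() {
    if rule_matches "$1" "$3" "$4"; then echo allow      # hosts.allow is read first
    elif rule_matches "$2" "$3" "$4"; then echo deny     # then hosts.deny
    else echo allow                                      # no match in either file
    fi
}

# Constructed sample files that reuse the two policies shown in this article.
demo=$(mktemp -d)
printf 'sshd : ALL\nALL : ALL\n' > "$demo/hosts.deny"
printf 'sshd : 220.127.116.11, LOCAL\n' > "$demo/hosts.allow"

tcpw_decision "$demo/hosts.allow" "$demo/hosts.deny" sshd 220.127.116.11
tcpw_decision "$demo/hosts.allow" "$demo/hosts.deny" sshd 198.51.100.7   # not listed
```

The first call prints allow because hosts.allow matches before hosts.deny is read; the second prints deny because only the catch-all deny policy matches.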
Method 2: Check the sshd_config File
If you’re still getting the “ssh_exchange_identification: read: connection reset by peer” error, check the authentication log. By default, the SSH daemon sends logging information to the system logs.
If you can’t log in, look at the /var/log/auth.log file on the server. This command shows the most recent entries and keeps following the file as new ones arrive:
tail -f /var/log/auth.log
The output shows the account, the authentication method used (password or key), and the result of each authentication attempt.
The log file contains information that might help you find any potential problems with the sshd configuration file. For example, changes made to the configuration file can alter the terms that both parties agree on when an SSH connection is established, which results in the remote server rejecting the client.
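To make the log check concrete, here is an added example (not from the original article) that counts two kinds of rejection per source address: refusals logged when hosts.allow / hosts.deny reject a client, and failed algorithm negotiation caused by the sshd configuration. The function name, cause labels and sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: count sshd rejections in an auth log by cause and source IP.

# triage_auth_log FILE: prints "<count> <cause> <source>" lines, sorted by cause.
triage_auth_log() {
    awk '
        function after(word,    i) {             # field that follows the given word
            for (i = 1; i < NF; i++) if ($i == word) return $(i + 1)
            return "unknown"
        }
        # Refusal logged when hosts.allow / hosts.deny reject the client.
        /sshd\[[0-9]+\]: refused connect from /     { n["tcp_wrappers " after("from")]++ }
        # Client and server share no algorithm permitted by sshd_config.
        /sshd\[[0-9]+\]: Unable to negotiate with / { n["negotiation " after("with")]++ }
        END { for (k in n) print n[k], k }
    ' "$1" | sort -k2
}

# Constructed sample log lines (hostnames, PIDs and addresses are made up).
log=$(mktemp)
cat > "$log" <<'EOF'
Mar  3 10:15:01 web01 sshd[2211]: refused connect from 198.51.100.7 (198.51.100.7)
Mar  3 10:15:09 web01 sshd[2214]: refused connect from 198.51.100.7 (198.51.100.7)
Mar  3 10:16:40 web01 sshd[2230]: Unable to negotiate with 203.0.113.9 port 50514: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
Mar  3 10:17:02 web01 sshd[2241]: Accepted password for admin from 192.0.2.20 port 51122 ssh2
EOF

triage_auth_log "$log"
```

A tcp_wrappers entry points back to Method 1, while a negotiation entry points to the algorithm settings in sshd_config.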
To open the sshd_config file, run this command:
sudo nano /etc/ssh/sshd_config
The default settings for the system (such as the authentication of ssh key pairs, TCP port, and so on) may be modified in the sshd configuration file.
More advanced capabilities, such as port forwarding, can also be managed by changing the sshd configuration file. If you make changes to the sshd_config file, you must restart the sshd service before these modifications take effect.
On Ubuntu or Debian Linux, you can restart the sshd service by running this command:
sudo systemctl restart ssh.service
On RHEL/CentOS Linux, you can restart the sshd service by running this command:
sudo systemctl restart sshd.service
Method 3: Check Your Firewall Rules
If you still can’t connect, check your firewall rules. The iptables firewall is a popular way to manage server security.
The service may be disabled or not configured properly. You can check the status of the iptables service by running this command:
sudo service iptables status
If the service is active, you can check if your IP is blocked:
sudo iptables -L
You can also temporarily stop iptables:
sudo systemctl stop iptables.service
If you’re able to connect to the remote machine while iptables is stopped, the firewall rules are blocking access; start the service again and correct the rule that blocks your address.
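Instead of reading the full rule listing by eye, the blocking rule can be located directly. The following is an added example (not from the original article) that scans the output of "iptables -S INPUT" for DROP or REJECT rules whose source is exactly your address; the function names and the sample ruleset are constructed, and rules that match by network range are not evaluated.

```sh
#!/bin/sh
# Added example: list INPUT rules that drop or reject one source address.

# blocking_rules IP: reads "iptables -S INPUT" output on stdin and prints
# "<rule-number> <target>" for each DROP/REJECT rule whose -s is exactly IP.
# Rules that match by network range or by ipset are not evaluated here.
blocking_rules() {
    awk -v ip="$1" '
        $1 == "-A" {
            num++                                # position of the rule in the chain
            src = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            sub(/\/32$/, "", src)                # iptables prints hosts as a.b.c.d/32
            if (src == ip && (target == "DROP" || target == "REJECT")) print num, target
        }'
}

# Constructed ruleset in the format printed by "iptables -S INPUT".
sample_rules() {
    cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 198.51.100.7/32 -p tcp -m tcp --dport 22 -j REJECT --reject-with tcp-reset
-A INPUT -s 203.0.113.9/32 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

sample_rules | blocking_rules 198.51.100.7
# On a live host: sudo iptables -S INPUT | blocking_rules <your-client-ip>
```

The printed rule number is the rule's position in the INPUT chain, the same number shown by sudo iptables -L INPUT --line-numbers.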
With so many factors to consider, troubleshooting this error can be difficult. If the ssh_exchange_identification error persists, you may need to contact your host. Now that you’ve gone through the most common causes of the “ssh_exchange_identification: read: connection reset by peer” problem, you should be able to fix it and know how to deal with it if it comes up again.
If you’re still having trouble, the best thing to do is contact your host and ask for their help. They may be able to see something that you don’t or have some other suggestion on how to fix the problem.
Keep in mind that not every problem has a simple solution, but with a little effort, you should be able to get your ssh connection up and running again.