ssh_exchange_identification: read: connection reset by peer
This tutorial is meant to help troubleshoot connection reset by peer issues you might have while using SSH.
Ever tried to SSH into your server and seen an error like this?
ssh_exchange_identification: read: Connection reset by peer
The first thing you should always do if SSH fails is try again with verbose logging on. Just try something like this:
ssh [email protected] -vv
If the problem is on your client’s side, some sort of error should show up in that log. If you aren’t seeing anything useful in there, the problem may be with your server.
The Tricky Part #
So, how do you get on your server if you cant ssh!?
If you’re lucky, your host will provide you with some sort of shell access via their web UI. If not, they should at least offer some alternative method for access. That part you’ll need to figure out for yourself.
After You Get Access #
If you want to see everything that SSH is doing on the server side, here’s what you can try ( assuming Debian or Ubuntu here ):
sudo service ssh stop
sudo /usr/sbin/sshd -d
That will show you a real time log of everything that happens to SSH. If, as I suspect, you are banned from your server ( fail2ban or some other program has put your IP in /etc/hosts.deny ) you should see something like this in the log:
debug1: Connection refused by tcp wrapper
It could mean a number of things, but very likely you’re being blocked by hosts.deny. The simplest way to test would be to put an allow all in hosts.allow
and put in something like:
Then try re-connecting. If that was your problem, try re-configuring fail2ban or whatever you have on your server that is sticking IPs into hosts.deny. If not, keep Googling! 😉
Subscribe to my email list!
Let me be real with you. Sometimes when I'm bored I log in to Buttondown and look at the audience number. If it's bigger than it was the week before, well that makes me feel really happy!
I promise I'll never spam you and I will, at most, send you a monthly update with what's happening on this site.