SSH_Exchange_Identification: Read: Connection Reset By Peer

SSH_Exchange_Identification: Read: Connection Reset By Peer error is fortunately rare. The process of converting ssh into any Unix server is one of the primary reasons for this error. It is a common misconception that using Windows with Cygwin to access other OS like that of Ubuntu, or Mac OS using the terminal to ssh into Linux Arch, Fedora or CentOS will help you get rid of SSH_Exchange_Identification: Read: Connection Reset By Peer error.

How to Fix SSH_Exchange_Identification: Read: Connection Reset By Peer Error

Alas! It isn’t the case ssh is universal across Unix and Linux, resetting the connection without permission can always lead to this error.

Solution 1: Check the Hosts .Deny File

If you have the administrative privileges on your system severs, the easiest solution is to head over to a prompt that has credentials allowing it to log into the server’s computer and have a look at the “hosts.deny” File.

Type the command “Sudo nano /etc/hosts.deny on the server. Then, check that your system has been added to any banned lists. If it is so, then you can correct this mistake by removing and reconnecting via ssh on another machine.

SSH Exchange Identification Read Connection Reset By Peer

Check to make sure that there aren’t any other wildcards that are prohibiting your computer from the connection. However, a new file with nothing but the default text that was added by the server’s distribution would be acceptable.

On the other hand, you can always try a manual login by using the commandsudo /etc/hosts.allow to establish a proper connection. It should be noted that this is rarely necessary, but if you do add them, you’ll need to follow the informational text that the distribution provided.

connection reset by peer

A line at the bottom that reads like ALL: any_site.com when added can permit everyone on any_site.com to connect to the server. Beware of your typing mistakes and then push Ctrl + O to save the File and Ctrl + X to exit.

Solution 2: Changing SSH Configuration Options

If you couldn’t try the previous approach for not being able to access the remote server, then try sweeping out the ssh configuration files and see if the error persists. If it doesn’t show an error message, then add the -v option to ssh and attempt to establish the connection again.

Try adding -c aes256-ctr to your ssh command if you have gotten rid of ssh_exchange_identification: read: connection reset by peer error. The cypher list gets condensed and allows you to connect to the server you were attempting to ssh into since this shortens the packet size in turn.

It has been found that troubleshooting some types of Cisco branded equipment is very useful because some pieces of server hardware have a protocol to expect smaller packet sizes. Simply add -c aes256-ctr to your usual ssh command, and you should be free of any further errors.

Solution 3: Overriding Accidental IP Bans

It is possible that every time your access was denied. It was because your own server might have mistaken you for a bad IP address. This is usually the case when you keep retrying the connection while troubleshooting. It might be the routine response, but it could be perceived as an attack to the fail2ban subroutine. Make sure that this isn’t the one causing issues.

Step 1 – So, run sudo iptables -L –line-number from the remote connect and look for your IP address. You can ignore many unrelated connections.

ssh_exchange_identification: read: connection reset by peer

Step 2 – Once you identify the error, run iptables -D followed by the offending chain and chain number. It helps you to prevent yourself from being banned from your software again.

Step 3 – It is most likely that you have gotten rid of any errors related to this. However, if you do, you can edit the following: /etc/fail2ban/jail.conf. Run it in your text editor, more than likely nano or vi, as root.

Step 4 – Then run something like sudo nano/etc/fail2ban/jail.conf. Then look for a line that reads “ignoreip”. Add your IP address to this line. It helps you to permanently block fail2ban from adding your IP address to any of the block lists.

Step 5 – Different Linux distributions have their way of dealing with these situations. However, you should implement these changes as soon as possible.

Read More:

Final Words

SSH_Exchange_Identification: Read: Connection Reset By Peer error is quite rare but can cause immense trouble for your system. Your operating system doesn’t matter whether you use Linux or any other OS. Ensure you have backed up your system and follow the above methods to solve this error.

Thank You For Reading!