ssh_exchange_identification: read: Connection reset by peer

BCarey · 12-29-2013, 03:08 AM

I'm trying to connect to a server (Slack64 13.37) in the US from Italy. The server has been running for a long time, and I was able to connect to it last week from Italy. Now it is giving me this error (full output of ssh -vv pasted below). The http server on the same computer is responding normally. Unfortunately there is no one that can physically access the computer to troubleshoot or restart. I have tried also with a clean .ssh directory.

If I try to access the server with an Android device, it goes so far as to request a password (something it does not do from the Linux client), and then fails with the message java.net.SocketException:recvfrom failed ECONNRESET (Connection reset by peer).

Any idea what could be causing this? Am I screwed until someone can physically access the server?

Thanks for any ideas,
Brian

Code:

OpenSSH_6.4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to my.net [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /home/me/.ssh/id_rsa type -1
debug1: identity file /home/me/.ssh/id_rsa-cert type -1
debug1: identity file /home/me/.ssh/id_dsa type -1
debug1: identity file /home/me/.ssh/id_dsa-cert type -1
debug1: identity file /home/me/.ssh/id_ecdsa type -1
debug1: identity file /home/me/.ssh/id_ecdsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.4
ssh_exchange_identification: read: Connection reset by peer

anomie · 12-29-2013, 09:51 PM

It's hard to know for sure (without viewing the OpenSSH server logs), but it appears to be deliberately sending you an RST packet. You could easily verify that with tcpdump(8).

At this point - who knows? Could be access control (e.g. TCP wrappers, AllowUsers directive), the OpenSSH server having any number of issues (e.g. due to physical disk, filesystem, permissions problems), or even a marginal network device at some point along the way.

Without 1) physical access; or 2) DRAC / ILOM access, this is going to be tricky to troubleshoot and resolve.

BCarey · 12-30-2013, 07:55 AM

oh well, guess I'll just have to wait.

Thanks,
Brian

Vanyel · 12-12-2016, 12:15 PM

I know this thread is old but I was having the same problem and this was one of the first things to come up in a google search.

FWIW, in my case, the problem was the target (setup long prior to my assuming Admin duties) was also using hosts.allow/deny for SSH connections, as well as the firewall. We recently had a change of the IP range for the entire organization and though I modified iptables for the new range, hosts.allow/deny of course still was in the way.

Even more confounding, some machines are in DNS now, but others are not, so only the machines in DNS were blocked. Problems that only occur SOMETIMES are the worst!

RandomTroll · 12-12-2016, 02:27 PM

I get this error when I try to connect from an IP address disallowed by SSH in the /etc/ssh* config files.