urlscan.io logo urlscan.io
SecurityTrails logo

linuxhint.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Back to summary
Submitted URL: http://linuxhint.com/ssh-exchange-identification/
Effective URL: https://linuxhint.com/ssh-exchange-identification/
Submission: On December 20 via manual from GB — Scanned from NL

Form analysis 2 forms found in the DOM

GET https://linuxhint.com/

<form class="vce-search-form" action="https://linuxhint.com/" method="get">
  <input name="s" class="vce-search-input" size="20" type="text" value="Type here to search..." onfocus="(this.value == 'Type here to search...') &amp;&amp; (this.value = '')"
    onblur="(this.value == '') &amp;&amp; (this.value = 'Type here to search...')" placeholder="Type here to search...">
  <button type="submit" class="vce-search-submit"><i class="fa fa-search"></i></button>
</form>

GET https://linuxhint.com/

<form class="sidr-class-vce-search-form" action="https://linuxhint.com/" method="get">
  <input name="s" class="sidr-class-vce-search-input" size="20" type="text" value="Type here to search..." onfocus="(this.value == 'Type here to search...') &amp;&amp; (this.value = '')"
    onblur="(this.value == '') &amp;&amp; (this.value = 'Type here to search...')" placeholder="Type here to search...">
  <button type="submit" class="sidr-class-vce-search-submit"><i class="sidr-class-fa sidr-class-fa-search"></i></button>
</form>

Text Content

 * Home
 * Learning
 * Videos
 * Subscribe
 * * 

Linux Commands


WHAT IS SSH_EXCHANGE_IDENTIFICATION READ CONNECTION RESET BY PEER?

2 years ago
by Talha Saif Malik
If you were attempting to maintain or establish any connection, there might come
a situation where your remote machine blocks this ssh connection. The message of
“ssh_exchange_identification: read: Connection reset by peer” isn’t that clear
to describe what caused the error right away.



To successfully solve this problem, we must determine the root cause of this
error. This article will provide you the most likely reasons and offers their
effective solutions in detail. Follow the article to learn the methods for
fixing this error.


“CONNECTION RESET BY PEER” SSH ERROR CAUSES

This ssh identification error claims that the TCP stream was suddenly closed by
the remote machine. Sometimes, a remote server reboot can quickly resolve a
brief outage or the connectivity issue.


MY LATEST VIDEOS


Hands-on Tour of Manjaro Linux
Hands-on Tour of Manjaro Linux
More Videos


0 seconds of 6 minutes, 57 secondsVolume 0%

Press shift question mark to access a list of keyboard shortcuts
Keyboard ShortcutsEnabledDisabled
Play/PauseSPACE
Increase Volume↑
Decrease Volume↓
Seek Forward→
Seek Backward←
Captions On/Offc
Fullscreen/Exit Fullscreenf
Mute/Unmutem
Seek %0-9
Next Up
How to use telnet command
02:28

Live
00:00
02:20
06:57







 


You can prevent error occurrences in the future on your system by learning how
to diagnose this issue and discovering its underlying cause. We have compiled
the common reasons for you to identify the leading cause of this connection
reset by peer error.

 * The SSH daemon file related to the configuration has been modified.
 * By upgrading firewall rules, intrusion prevention software blocked your IP
   address.
 * Due to Host-Based Access Control Lists, the connection is being banned.


METHOD 1: CHECKING HOST DENY AND HOST ALLOW FILES


EDITING HOST.DENY FILE

TCP wrappers are the hosts.deny and hosts.allow files. These files are utilized
as a security function for limiting the hostnames or IP addresses connected to
the remote system. Using your favorite text editor, connect to your remote
server and open up the hosts.deny file. Write out the below-given command if you
are using nano on a Linux-based system.


$ sudo nano /etc/hosts.deny





Comments are lines that are left blank or begin with the ‘#‘ symbol. Verify that
this host.deny file contains your local IP or hostname. If you found out,
immediately remove it or comment it out because it will not connect remotely.





Save the host.deny file and exit after making the necessary modifications. After
this, make a retry to connect through SSH.


EDITING HOST.ALLOW FILE

Edit the hosts.allow file as an extra precautionary measure. Within the hosts.
In this file, the existed access rules will be first applied. This file takes
superiority over the host.deny the file. To view the hosts.allow file, execute
the below-given command:

$ sudo nano /etc/hosts.allow









Adding IP addresses and hostnames to the host.allow file creates exceptions for
the hosts.deny file settings. For example, creating a policy in host.deny file
for restricting access to all hosts. After this, you can edit the hosts.allow
the file to add any single IP range, IP address, or hostname. Only the specified
IP will be allowed to make an SSH connection with your remote server after
writing out these lines in your host.allow file:

sshd : ALL
ALL : ALL
sshd : 10.10.0.5, LOCAL





Remember that a security setting like this will restrict your ability to control
and maintain your remote servers.


METHOD 2: CHECKING THE SSHD_CONFIG FILE

Investigate the authentication log entry if you are still getting the subject
error. The SSH daemon transmits information related to logging to the system
logs by default. After you are failed to log in, check out the /var/log/auth.log
file. To look at the most recent log entries, write out this command:

$ tail -f /var/log/auth.log

The execution of this command outputs information related to your user account,
its password, authentication key, as well as the outcome of your authentication
attempts.







The log contains information that will assist you in locating potential errors
in the sshd configuration file. For example, when an ssh connection is
established, the modifications made to the log file will modify the agreed
terms, which also causes the remote server to reject the client. Type: sshd
config to open up to the sshd config file.

$ sudo nano /etc/ssh/sshd_config



Primary settings, such as the authentication of the ssh key pairs, TCP port, can
be changed in the sshd configuration file and the other complex capabilities
like forwarding port.





If you make changes to the sshd config file, you must restart the sshd service
for them to take effect.




CONCLUSION

The number of possible causes is enormous, and troubleshooting them is
challenging in every way. If the ssh exchange identification error persists,
your host may need to be contacted. In this article, you have gone through the
most common causes of the “ssh exchange identification: read Connection reset by
peer” error. Now, you should successfully solve the problem and know how to cope
with similar challenges in the future by looking at each possibility one at a
time.


ssh


ABOUT THE AUTHOR

TALHA SAIF MALIK

Talha is a contributor at Linux Hint with a vision to bring value and do useful
things for the world. He loves to read, write and speak about Linux, Data,
Computers and Technology.

View all posts


RELATED LINUX HINT POSTS

 * SSHFS Installation and Configuration
 * Linux LDAP Commands
 * How to Print the Usernames of Currently Logged-In Users in Linux
 * How to Create an Ext4 File System with Mkfs
 * Ldapsearch Command
 * Understanding Sudo and Su: Syntax and Functions
 * How to Detach the Screen Session



Linux Hint LLC, editor@linuxhint.com
1309 S Mary Ave Suite 210, Sunnyvale, CA 94087
Privacy Policy and Terms of Use


 * Home
 * Learning
 * Videos
 * Subscribe
 * * 



Update Privacy Preferences
An Elite CafeMedia Publisher