SSH_Exchange_Identification: Read: Connection Reset By Peer

SSH_Exchange_Identification: Read: Connection Reset By Peer error is very uncommon. However, you may run into it in case you’re attempting to ssh into a Unix server. It doesn’t affect the off chance that you are utilizing Windows with Cygwin to get to Ubuntu or macOS with the terminal to ssh into Bend, Fedora or, CentOS.

Since ssh is all-inclusive across Unix and Linux, this error can come up whenever that the remote server resets the association without your permission. The SSH_Exchange_Identification: Read: Connection Reset By Peer error shows that the remote machine suddenly shut the Transition Control Protocol (TCP) stream.

In many occurrences, a quick reboot of a remote server may help in a temporary blackout or availability issue. To fix or resolve this issue, we need to recognize its causes.

Causes of the SSH_Exchange_Identification: Read: Connection Reset By Peer Error

The most common causes of this error are:

  • The connection is being obstructed because of the Host-Based Access Control Records.
  • Interruption counteraction programming obstructs your IP by refreshing firewall rules (Fail2ban, DenyHosts, and so forth.).
  • Changes to the SSH daemon design record.

How to Fix SSH_Exchange_Identification: Read: Connection Reset By Peer Error

In this article, we will look at the best way to take care of the issue. There are three methods through which you can fix the “ssh_exchange_identification” issue.

Method 1: Check the hosts.deny File

The easiest way to solve this problem is to directly login to the server’s computer if you have administrative privileges or a way to access it. Go straight to the server’s hosts.deny file and look for its contents.

Enter the following command on the server sudo nano /etc/hosts.deny to see if your system is recorded as banned for some reason. Remove the section with your IP address in the hosts.deny document, if there is any. You can separate the IP address here and spare the record. Attempt to reconnect to the server to check whether you can associate at this point.

Ensure there is nothing else that connects with this machine with your username. One single line in one record can block access to the objective machine. To open the hosts.allow document, type the accompanying order:


Hosts that are in the hosts.allow documents can interface with the machine. Enter your accreditations and hostname or IP address to the record. This expands the possibility of making an effective connection. This isn’t necessary, yet you can attempt it on the off chance that it works for you.

Adhere to the guidelines at the highest point of the record. Additionally, make a point to type in the right host. Type CTRL + O to save the record and CTRL + X to exit. At this stage, you ought to have the option to SSH into the server.

Method 2: Changing ssh Configuration Options

If the previous method does not work, you can try to wipe out the SSH configuration files. If it works, it means there is a problem with the configuration files.

Presuming it doesn’t, at that time, add the -v option to ssh and try to connect again. Furthermore, if you still get an error message, try adding -c aes256-ctr to your ssh command and see whether it works. It should shorten the cipher list and permit you to connect to the server. This method is likely to crack the problem.

This method is particularly very useful for troubleshooting Cisco-branded devices. Moreover, this is because there is a piece of equipment intended to work just with littler parcel sizes. All you have to do is add -c aes256-ctr to your SSH command, which would get you on board.

Method 3: Overriding Accidental IP Bans

If you’ve attempted to sign in a couple of times previously and got denied, at that point, your own server may have confused you with an awful IP address.

It is possible that the server banned your IP address by mistake. The fail2ban subroutine could consider this to be an attack and square your IP address. Run the following order from the remote connect and search for your IP address.

sudo iptables -L –line-number

What you would probably find is that there are a lot of random systems. You can ignore them.

At the point when you have discovered the issue in iptables run the following order. With the D banner you erase one standard from the chain.

iptables -D

Followed by the culpable chain and chain number with the goal that you don’t get restricted once more. On the off chance that your problem isn’t yet understood or solved, alter the following command.


Load it up in your favorite text editor, more than likely nano or vi, as root. You’ll probably want to run something. You can do this with the accompanying order.

sudo nano/etc/fail2ban/jail.conf

At that point proceed to search for the line that has “ignoreip”. Including your IP address in this line. That would prevent fail2ban from hindering your IP.

Every one of these arrangements can work somewhat extraordinary on the different Linux conveyances. With these tips, you ought to have the option to fix the error.


The above methods which are described will help you to fix the SSH_Exchange_Identification: Read: Connection Reset By Peer. This kind of activity is quite uncommon and could not be handy to deal with. You have altogether checked the most well-known purposes for the “SSH_Exchange_Identification: Read: Connection Reset By Peer” mistake.

By taking a look at every chance, thus, you have effectively fixed the issue and now realize how to manage similar issues going ahead. The quantity of potential causes is large and hard to investigate in each regard. At last, if the error exists, it may be important to contact your host.