ssh_exchange_identification: read: Connection reset by peer

I recently upgraded my Mac Desktop and I noticed a strange problem that I was not able to SSH into my desktop from my laptop. I ultimately found out that the SSH setup that came with MacOS was having some issue as when I did ssh user@localhost on the desktop I got the same error:

ssh_exchange_identification: read: Connection reset by peer

I ended up tailing the system log using the following command:

sudo tail -f /var/log/system.log

I observed the following entries in the log whenever a SSH was attempted. 

com.apple.xpc.launchd[1] (com.openssh.sshd.[UUID][NUM]): Service exited with abnormal code: 1

It was clear that there was setup issue with the SSH that came with default MacOS installation. So I decided to spawn a separate SSH instance and watch it’s log:

sudo /usr/sbin/sshd -d -p 2222

This command showed up a lot of issues related to file permissions.

Permissions 0644 for '/etc/ssh/ssh_host_dsa_key' are too open.
Permissions 0644 for '/etc/ssh/ssh_host_ecdsa_key' are too open.
Permissions 0644 for '/etc/ssh/ssh_host_ed25519_key' are too open.

I fixed these permission issues by changing their permission to 400:

sudo chmod 400 /etc/ssh/ssh_host_dsa_key
sudo chmod 400 /etc/ssh/ssh_host_ecdsa_key
sudo chmod 400 /etc/ssh/ssh_host_ed25519_key

After this change the following command succeeded and I was able to do successful SSH connection to port 2222.

sudo /usr/sbin/sshd -d -p 2222

So I killed this process and decided to restart SSH:

sudo launchctl unload /System/Library/LaunchDaemons/ssh.plist 
sudo lsof -i:22
echo $?
sudo launchctl load /System/Library/LaunchDaemons/ssh.plist 

Once SSHD was restarted I could successfully do logins using ssh user@localhost from Desktop as well as remote login via SSH from my laptop. 

2 thoughts on “ssh_exchange_identification: read: Connection reset by peer

  1. The Cocoa

    Thank you!
    I started another sshd server on port 2222 and found a typo in my /etc/ssh/sshd_config file.
    I was pulling my hair out!

    Thanks again.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *