When attempting SSH connections between servers running different OpenSSH versions (particularly between 6.6p1 and 5.8), you might encounter the frustrating "Connection reset by peer" error. This typically occurs during the initial handshake phase, as indicated by the [preauth] marker in server logs.
The root cause stems from cipher suite negotiation failures. Newer OpenSSH versions have stricter default cipher requirements. In our case, forcing aes128-ctr worked because:
- It's supported by both client and server versions
- It satisfies the encryption requirements of newer OpenSSH
- It's not considered weak by modern standards
Instead of specifying the cipher manually each time, modify your SSH client configuration:
# ~/.ssh/config or /etc/ssh/ssh_config
Host *
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
KexAlgorithms diffie-hellman-group-exchange-sha256
MACs hmac-sha2-256,hmac-sha2-512For the SSH server (affects all incoming connections):
# /etc/ssh/sshd_config
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
KexAlgorithms diffie-hellman-group-exchange-sha256
MACs hmac-sha2-256,hmac-sha2-512When facing connection issues:
- Check server logs:
tail -f /var/log/auth.log - Enable client debugging:
ssh -vvv user@host - Verify supported ciphers:
ssh -Q cipher
For quick testing without config changes:
ssh -o Ciphers=aes128-ctr -o KexAlgorithms=diffie-hellman-group-exchange-sha256 user@hostWhile older ciphers solve compatibility issues, be aware that:
- Some older algorithms are considered weak
- Regulatory compliance (like PCI DSS) may restrict certain ciphers
- Consider upgrading older systems instead of downgrading security
For environments with mixed OpenSSH versions:
# For systems running OpenSSH 5.x
Match host oldserver*
Ciphers aes128-cbc,3des-cbc
HostKeyAlgorithms ssh-rsaWhen working with SSH connections between servers running different OpenSSH versions (particularly between 6.6p1 and 5.8), you might encounter the frustrating "Read from socket failed: Connection reset by peer" error. This typically occurs during the initial handshake phase, as evidenced by the [preauth] marker in the logs.
The core issue stems from cipher suite incompatibility between OpenSSH versions. Newer versions deprecate older cipher algorithms for security reasons, while older servers might not support newer ciphers. In this specific case:
- OpenSSH 6.6p1 uses more modern cipher suites by default
- Older versions (like 5.8) might only support legacy ciphers
- The handshake fails when no common cipher is found
As you've discovered, explicitly specifying a compatible cipher works:
ssh -c aes128-ctr destination-serverTo avoid specifying ciphers manually for each connection, update your SSH client configuration:
# ~/.ssh/config or /etc/ssh/ssh_config
Host legacy-servers
HostName destination-server
Ciphers aes128-ctrFor system-wide configuration (affecting all users):
# /etc/ssh/ssh_config
Host *
Ciphers aes128-ctr,aes192-ctr,aes256-ctrIf you control the destination server, consider updating its SSH daemon configuration:
# /etc/ssh/sshd_config
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128Remember to restart the SSH service after changes:
service sshd restartWhen troubleshooting complex SSH issues, enable verbose output:
ssh -vvv destination-serverKey things to examine in the output:
- KEX algorithms being offered
- Host key algorithms
- MAC algorithms
- Where exactly the connection fails
While using older ciphers solves connectivity issues, be aware of the security implications:
- arcfour ciphers are considered weak and should be avoided
- aes128-ctr provides adequate security for most use cases
- Consider upgrading older servers instead of downgrading security
Modern OpenSSH versions support algorithm negotiation. You can configure preferred algorithms while maintaining compatibility:
# Client configuration
Host *
HostKeyAlgorithms ssh-rsa,ssh-dss
KexAlgorithms diffie-hellman-group-exchange-sha256
MACs hmac-sha2-256,hmac-sha1