[SOLVED] AWS EC2 ssh_exchange_identification: read: Connection reset by peer

Issue

Had to restart an EC2 instance due to heavy load. When it came back up, I could not longer SSH into it. A -vvv of the ssh command produced this output, but I'm not sure how to interpret this... (IP obfuscated)

OpenSSH_7.2p2, LibreSSL 2.4.1
debug1: Reading configuration data /Users/ecomevo/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 20: Applying options for *
debug2: resolving "xx.xx.xx.xx" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /Users/ecomevo/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/ecomevo/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2

I checked permissions on ssh related files, but not sure if that is the problem:

$ ls -alF .ssh/
total 56
drwx------ 11 ecomevo staff   374 Jul 15 12:02 ./
drwxr-xr-x 20 ecomevo staff   680 Nov 26 18:45 ../
-rw-r--r--  1 ecomevo staff  6148 May 25  2015 .DS_Store
-rw-------  1 ecomevo staff   299 Jul 15 12:05 config
-rw-------  1 ecomevo staff   179 Jun 25  2015 environment
-rw-------  1 ecomevo staff  3326 May 15  2015 id_rsa
-rw-------  1 ecomevo staff   750 May 15  2015 id_rsa.pub
-rw-r--r--  1 ecomevo staff 17747 Oct 13 12:21 known_hosts
-rw-r--r--  1 ecomevo staff  2786 May 19  2015 known_hosts.old

Restarting my Mac did not fix the issue as I've seen suggested in other posts.

Solution

There are typically three reasons why you might be unable to connect:

• The instance is unaccessible, due to VPC or Security Group configuration. However, you are getting connection established, so this isn't the case.
• The wrong username is being used
• The wrong keypair is being used, either on the local end or the remote end

If you think everything is correct, but it still isn't working, then you could copy another public key into the EC2 instance (into the user's .ssh/authorized_keys file). If you can access the server via another user, then they could copy the key for you. If you cannot access the server, then:

• Stop the instance
• Detach the boot disk
• Attach it to another EC2 instance
• Copy the public key to the desired location
• Detach the disk and reattach it to the original instance
• Start the original instance
• SSH using the new keypair

Answered By - John Rotenstein

Answer Checked By - Marie Seifert (WPSolving Admin)