if i use ssh -vv root@192.168.0.28 i see this at the end of some normal debug output and then it exits with the sender just bouncing back to the prompt. Why is the peer resetting the connection?
kex_exchange_identification: read: Connection reset by peer
pc2# ssh -vv pc1
debug1: OpenSSH_10.3p1, OpenSSL 3.5.3 16 Sep 2025
debug1: Reading configuration data /usr/etc/ssh/ssh_config
debug1: /usr/etc/ssh/ssh_config line 30: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: Reading configuration data /usr/etc/ssh/ssh_config.d/50-suse.conf
debug2: checking match for 'final all' host pc1 originally pc1
debug2: match not found
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: /usr/etc/ssh/ssh_config line 33: Applying options for *
debug1: configuration requests final Match pass
debug1: re-parsing configuration
debug1: Reading configuration data /usr/etc/ssh/ssh_config
debug1: /usr/etc/ssh/ssh_config line 30: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: Reading configuration data /usr/etc/ssh/ssh_config.d/50-suse.conf
debug2: checking match for 'final all' host pc1 originally pc1
debug2: match found
debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config
debug1: /usr/etc/ssh/ssh_config line 33: Applying options for *
debug2: resolving "pc1" port 22
debug1: Connecting to pc1 [192.168.0.28] port 22.
debug1: Connection established.
debug1: loaded pubkey from /root/.ssh/id_rsa: RSA SHA256:084omL/jVti/foT26Mvb2StYGZV1P0NT6hC7Hl2ISDw
debug1: identity file /root/.ssh/id_rsa type 0
debug1: no identity pubkey loaded from /root/.ssh/id_rsa
debug1: no pubkey loaded from /root/.ssh/id_ecdsa
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: no identity pubkey loaded from /root/.ssh/id_ecdsa
debug1: no pubkey loaded from /root/.ssh/id_ecdsa_sk
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: no identity pubkey loaded from /root/.ssh/id_ecdsa_sk
debug1: no pubkey loaded from /root/.ssh/id_ed25519
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: no identity pubkey loaded from /root/.ssh/id_ed25519
debug1: no pubkey loaded from /root/.ssh/id_ed25519_sk
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: no identity pubkey loaded from /root/.ssh/id_ed25519_sk
debug1: Local version string SSH-2.0-OpenSSH_10.3
kex_exchange_identification: read: Connection reset by peer
Connection reset by 192.168.0.28 port 22
yes, i have exchanged public id_rsa.pub and appended it to authorized_keys on each system, I even tried generating new keys of type ed25519 and temporarily changing the names of the rsa keys to XX-id_rsa and XX-id_rsa.pub so they would be ignored and i got the same results with the ed25519 keys. One way only. one way works fine but then trying to go back results in similar debug output and i get popped back to the prompt. The destination never shows any movement at all
Hard to read for me without using the Return key so little.
So I do not know, what in the config pc1 is used as User, but are the keys there in the /home/USERNAME/.ssh/known_host or in the /root/.ssh/known_hosts on 192.168.0.28?
Have you use ssh-copy-id to send the keys to 192.168.0.28?
stephan@qemu-tumbleweed:~> ssh-copy-id -p XXXXX stephan@192.168.0.2
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/stephan/.ssh/id_ed25519.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
stephan@192.168.0.2's password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -p XXXXX 'stephan@192.168.0.2'"
and check to make sure that only the key(s) you wanted were added.
stephan@qemu-tumbleweed:~> ssh -p XXXXX stephan@192.168.0.2
stephan@linux64:~>
also,i used the ssh-copy-id to hit all of my systems (as regular user) from pc5 but then after ssh’ing to pc4 i tried it again and on one pc i got an error which i dont know how to resolve
/usr/bin/ssh-copy-id: ERROR: kex_exchange_identification: read: Connection reset by peer
You mean that a and b are both running SSH servers? Then of course you should configure both. There is no mechanism that copies those files to a random other computer. And same of course for the eventual firewall configurations. On both systems they must allow access to the SSH port (22 by default).
As Henk was writing, you have to configure every ssh-server, you want to use.
You can only connect from a client to a server, so when you connect from a to b, you have to set up the server b.
When you now want to reconnect from b to a, you have to set up the server a.
Just to stress this to the TO: I think reconnect is the wrong expression. It is just connect from a client to a server (and remind that in UNIX/Linux “client” and “server” are programs/processes).
Did not see it mentioned at a quick read, but one should never ssh as root. That is one of the first things I disable in the ssh server config. One compromised client is enough to destroy a lot more than only the server.