通过SSH访问电信天翼云服务器，报ssh_exchange_identification: read: Connection reset by peer的解决方法

一.问题现象

业务部门人员反馈通过公司网络访问电信天翼云服务器，报ssh_exchange_identification: read: Connection reset by peer，但是通过手机热点访问正常。

二.问题排查思路

1.检查公司网络到天翼云网络的联通性

2.检测天翼云虚拟机的安全组策略是否开放

3.检查天翼云虚拟机的防火墙是否开启

4.检查天翼云虚拟机的sshd_config是否限制root用户登录

5.检查天翼云虚拟机的/etc/hosts.allow和/etc/hosts.deny是否限制

三.处理方式

按照问题排查思路，第1至4步骤检查，均无发现异常，重点检查下/etc/hosts.allow 和 /etc/hosts.deny 配置文件。

cat /etc/hosts.allow

#
# hosts.allow	This file contains access rules which are used to
#		allow or deny connections to network services that
#		either use the tcp_wrappers library or that have been
#		started through a tcp_wrappers-enabled xinetd.
#
#		See 'man 5 hosts_options' and 'man 5 hosts_access'
#		for information on rule syntax.
#		See 'man tcpd' for information on tcp_wrappers
#

发现/etc/hosts.allow没有配置，未发现异常

cat /etc/hosts.deny | more

# DenyHosts: Thu Aug 11 08:55:02 2022 | sshd: 218.104.225.140
sshd: 218.104.225.140
# DenyHosts: Thu Aug 11 08:59:04 2022 | sshd: 124.160.96.249
sshd: 124.160.96.249
# DenyHosts: Thu Aug 11 09:10:11 2022 | sshd: 103.226.249.239
sshd: 103.226.249.239
# DenyHosts: Thu Aug 11 09:11:42 2022 | sshd: 185.118.48.206
sshd: 185.118.48.206
# DenyHosts: Thu Aug 11 09:21:47 2022 | sshd: 1.233.83.140
sshd: 1.233.83.140
# DenyHosts: Thu Aug 11 09:21:47 2022 | sshd: 211.110.1.27
sshd: 211.110.1.27
# DenyHosts: Thu Aug 11 09:29:22 2022 | sshd: 143.244.168.93
sshd: 143.244.168.93
# DenyHosts: Thu Aug 11 09:32:23 2022 | sshd: 159.89.19.21
sshd: 159.89.19.21
# DenyHosts: Thu Aug 11 09:33:24 2022 | sshd: 185.126.8.102
sshd: 185.126.8.102
# DenyHosts: Thu Aug 11 09:41:59 2022 | sshd: 92.255.85.69
sshd: 92.255.85.69
# DenyHosts: Thu Aug 11 09:42:29 2022 | sshd: 139.59.189.130
sshd: 139.59.189.130
# DenyHosts: Thu Aug 11 10:00:37 2022 | sshd: 64.227.29.12

发现天翼云虚拟机上面/etc/hosts.deny上面有好多被DenyHosts程序添加禁止访问的IP地址，删除/etc/hosts.deny对应公司的互联网出口IP地址，并重启sshd服务即可访问。需要排查被DenyHosts封堵的原因，一般都是多次尝试登录失败导致。