从 Sonoma 升级到 Sequoia 遇到过各种各样的SSH连接问题，其中包括但不限于
1. 防火墙问题
2. WiFi 隐私问题
3. 加密协议不匹配问题
4. SSH 版本强制 2.0 的问题

但今天又遇到一个新问题，通过SSH连接报错，提示 kex_exchange_identification: read: Connection reset by peer，看起来连接被中断，通过 Verbose Mode 查看SSH连接提示如下：

$ ssh -v [email protected]
OpenSSH_9.2p1 Debian-2+deb12u5, OpenSSL 3.0.15 3 Sep 2024
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 10.0.1.3 [10.0.1.3] port 22.
debug1: Connection established.
debug1: identity file /home/zhaoxitao/.ssh/id_rsa type -1
debug1: identity file /home/zhaoxitao/.ssh/id_rsa-cert type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ecdsa type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ed25519 type 3
debug1: identity file /home/zhaoxitao/.ssh/id_ed25519-cert type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ed25519_sk type -1
debug1: identity file /home/zhaoxitao/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/zhaoxitao/.ssh/id_xmss type -1
debug1: identity file /home/zhaoxitao/.ssh/id_xmss-cert type -1
debug1: identity file /home/zhaoxitao/.ssh/id_dsa type -1
debug1: identity file /home/zhaoxitao/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u5
kex_exchange_identification: read: Connection reset by peer
Connection reset by 10.0.1.3 port 22

通过 debug1: Connection established. 判断连接没有问题，防火墙OK，WiFi 隐私没问题。但是SSH客户端没有匹配到任何一种加密模式，开始排查加密问题，于是在 /etc/ssh/sshd_config.d/100-macos.conf 里增加了更宽泛的加密协议：

Read more