On a quite fresh install of Ubuntu 14.04 (machine1), I have openssh-server with a completely default config.

When connecting from machine2 on the LAN, with an empty ~/.ssh, I get the following debug output from the server (running as /usr/sbin/sshd -p 22 -D -d -e): http://pastebin.com/WeHGzsUM and the relevant bits are probably:

debug1: permanently_set_uid: 118/65534 [preauth]

debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]

debug1: SSH2_MSG_KEXINIT sent [preauth]

Read from socket failed: Connection reset by peer [preauth]

debug1: do_cleanup [preauth]

...

When connecting from machine2 with my normal ~/.ssh that works on many servers, I get the following debug output on machine1: http://pastebin.com/uxKfAYSL

In both cases, on machine2, the client reports: http://pastebin.com/dTp4mNne which looks normal to me until the last line:

ssh_exchange_identification: read: Connection reset by peer

On server and client, ssh client is version:

OpenSSH_6.6p1 Ubuntu-2ubuntu1, OpenSSL 1.0.1 14 Mar 2012

And the server has version:

OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014

The exact same client command that fails remotely works perfectly on the server, machine1, so it's not an account problem.

Earlier, before I upgraded my ssh client on machine2, ssh would block indefinitely, after showing this debug output http://pastebin.com/JSX6r7Yp and on the server I'd see the following in auth.log

Jun 19 22:27:47 lemur sshd[6491]: Did not receive identification string from 192.168.1.12

UPDATE:

Turns out (thanks to @chaos) this had nothing to do with ssh. I had managed to set a bad netmask on the server machine of 255.255.255.255 instead of 255.255.255.0. This caused issues for routing inbound traffic from the LAN, but not from the router.