On a quite fresh install of Ubuntu 14.04 (machine1), I have openssh-server with a completely default config.
When connecting from machine2 on the LAN, with an empty ~/.ssh, I get the following debug output from the server (running as /usr/sbin/sshd -p 22 -D -d -e): http://pastebin.com/WeHGzsUM and the relevant bits are probably:
debug1: permanently_set_uid: 118/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
Read from socket failed: Connection reset by peer [preauth]
debug1: do_cleanup [preauth]
...
When connecting from machine2 with my normal ~/.ssh that works on many servers, I get the following debug output on machine1: http://pastebin.com/uxKfAYSL
In both cases, on machine2, the client reports: http://pastebin.com/dTp4mNne which looks normal to me until the last line:
ssh_exchange_identification: read: Connection reset by peer
On server and client, ssh client is version:
OpenSSH_6.6p1 Ubuntu-2ubuntu1, OpenSSL 1.0.1 14 Mar 2012
And the server has version:
OpenSSH_6.6.1p1 Ubuntu-2ubuntu2, OpenSSL 1.0.1f 6 Jan 2014
The exact same client command that fails remotely works perfectly on the server, machine1, so it's not an account problem.
Earlier, before I upgraded my ssh client on machine2, ssh would block indefinitely, after showing this debug output http://pastebin.com/JSX6r7Yp and on the server I'd see the following in auth.log
Jun 19 22:27:47 lemur sshd[6491]: Did not receive identification string from 192.168.1.12
UPDATE:
Turns out (thanks to @chaos) this had nothing to do with ssh. I had managed to set a bad netmask on the server machine of 255.255.255.255 instead of 255.255.255.0. This caused issues for routing inbound traffic from the LAN, but not from the router.