ssh connection refused
Solution 1
I first tried to remove and reinstall ssh but it didn't work for me then I tried to purge it:
sudo apt-get purge openssh-server
sudo apt-get install openssh-server
so now its working.
Solution 2
TCP error "Connection refused" means that there is a host active on this IP address but the port you were trying to connect to (22 for ssh) is not open.
First of all double check your host name and/or IP address.
The most likely reason is either somebody stopped the ssh daemon or somebody configured it to use an alternative port instead of the default 22.
If you have physical access to your server logon to that server and type in command sudo netstat -tupan
. Ideally you should see a line like:
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1053/sshd
If you don't try starting sshd and/or checking whether it is configured to listen on port 22.
EDIT
The bits to focus on are:
:22
- port 22
LISTEN
- there is a process running and expecting incoming connections on port 22
sshd
- the name of the process.
If you can't see a line like that then perhaps your ssh server is badly configured and fails to start. Try this page for instructions how to run it in the foreground and troubleshoot it.
Solution 3
SSH Connection refused because of the following reason-
default port(22) has been changed to something others. Check your /etc/ssh/sshd_config file for any change in port.
IP conflict on the LAN. Use arping command to determine any conflict. see your dhcp pool.
ssh port is not allowed on ip-tables/firewall. Check your iptables/firewall and allow.
*Uninstall/Reinstall ssh package is not a good idea because it will change many key and pass.
Solution 4
Your server firewall is configured to have the port open, but nothing is listening to respond to your connection.
You need to have sshd (the ssh daemon)installed, and running...
https://help.ubuntu.com/community/SSH/OpenSSH/Configuring
Solution 5
One of the most common issue causing this is the sshd services itself. Did you check if it is actually running? Also, I noticed you are directly editing your iptables, so if you had ufw/firewalld running -- might as well check it.
Also make sure that the ssh server is running the right IP and the FQDN is routing to the right IP Address.
Related videos on Youtube
jackaraz
Updated on September 18, 2022Comments
-
jackaraz almost 2 years
Hi I'm having a problem with my ssh, which is magically stopped working and I couldn't figure out why. The message it give is:
ssh: connect to host <host> port 22: Connection refused
I don't see any error messages when I write
dmesg
but I'm getting following fromtelnet localhost 22
Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused
I tried the solutions that I saw in some similar cases [1] and [2] but it still didn't solve my problem the entries and outputs are as follows:
>> sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT >> sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Note that this was already ACCEPT I didn't had any problem even before entering the command
sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
. I also tried to reboot ssh but it didn't change anything>>netstat -a | egrep 'Proto|LISTEN' Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 localhost:20128 *:* LISTEN tcp 0 0 localhost:17600 *:* LISTEN tcp 0 0 localhost:20129 *:* LISTEN tcp 0 0 localhost:17603 *:* LISTEN tcp 0 0 localhost:21128 *:* LISTEN tcp 0 0 deathstar:domain *:* LISTEN tcp 0 0 localhost:ipp *:* LISTEN tcp 0 0 *:db-lsp *:* LISTEN tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN tcp6 0 0 [::]:db-lsp [::]:* LISTEN
I don't know what else to try so hope this is enough to solve the problem.
Rest is added after @Ashu's comment
sudo lsof -i | grep ssh
nothing happened
>>netstat -l --numeric-ports | grep 22 unix 2 [ ACC ] STREAM LISTENING 1618183 @jack-com.canonical.Unity.Master.Scope.files.T1731348652205882 >>sudo iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
Eddited after @TheSchwa's comment
>>ps aux | grep sshd jack 3711 0.0 0.0 15944 2220 pts/26 S+ 14:08 0:00 grep --color=auto sshd
-
Ashu over 8 yearscan you try these commands 'sudo lsof -i | grep ssh', 'netstat -l --numeric-ports | grep 22', 'sudo iptables --list'
-
TheSchwa over 8 yearsOn what machine are you running
telnet localhost 22
? Do you have any way to access the remote machine other thanssh
? -
jackaraz over 8 years@Ashu I added them in the question.
-
jackaraz over 8 years@TheSchwa I can physically access to the machine if you are asking that and all those commands above ran in the machine that I'm trying to ssh in to.
-
TheSchwa over 8 yearsCheck if sshd is running on the remote machine with
ps aux | grep sshd
. -
jackaraz over 8 years@TheSchwa added the output in the question
-
TheSchwa over 8 yearsSo
sshd
is the program that runs on the remote computer and allows you tossh
into it. If it's not running you won't be able tossh
. Trysudo service sshd start
on the remote machine and post the output. If it saysSUCCESS
try tossh
again and see if it's fixed.
-
-
jackaraz over 8 yearsI had so many similar lines ending with CLOSE_WAIT LISTEN ESTABLISHED etc. but I dont know the meaning of all those lines
-
unil over 8 yearsIt is best to make sure you outline the steps found on the page you linked in your answer, because links may become broken at any time. By all means add a link for reference, however always make sure to include the steps too.
-
unil over 8 yearsTrue, but a wiki page can easily changed by anyone. I have known wiki pages to be moved without the old reference being linked to the new location. However, I appreciate the fact that you already knew about the ruling - just remember that any link/site/page can change or be deleted at any time (regardless of its location).
-
bhelm almost 6 yearsunexpected, but did work :
-
Admin about 2 yearsindeed. this worked. What a beautiful solution.