ssh connection refused

networking server ssh firewall

141,864

Solution 1

I first tried to remove and reinstall ssh but it didn't work for me then I tried to purge it:

sudo apt-get purge openssh-server
sudo apt-get install openssh-server

so now its working.

Solution 2

TCP error "Connection refused" means that there is a host active on this IP address but the port you were trying to connect to (22 for ssh) is not open.

First of all double check your host name and/or IP address.

The most likely reason is either somebody stopped the ssh daemon or somebody configured it to use an alternative port instead of the default 22.

If you have physical access to your server logon to that server and type in command sudo netstat -tupan. Ideally you should see a line like:

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1053/sshd

If you don't try starting sshd and/or checking whether it is configured to listen on port 22.

EDIT

The bits to focus on are:

:22 - port 22

LISTEN - there is a process running and expecting incoming connections on port 22

sshd - the name of the process.

If you can't see a line like that then perhaps your ssh server is badly configured and fails to start. Try this page for instructions how to run it in the foreground and troubleshoot it.

Solution 3

SSH Connection refused because of the following reason-

default port(22) has been changed to something others. Check your /etc/ssh/sshd_config file for any change in port.
IP conflict on the LAN. Use arping command to determine any conflict. see your dhcp pool.
ssh port is not allowed on ip-tables/firewall. Check your iptables/firewall and allow.

*Uninstall/Reinstall ssh package is not a good idea because it will change many key and pass.

Solution 4

Your server firewall is configured to have the port open, but nothing is listening to respond to your connection.

You need to have sshd (the ssh daemon)installed, and running...

https://help.ubuntu.com/community/SSH/OpenSSH/Configuring

Solution 5

One of the most common issue causing this is the sshd services itself. Did you check if it is actually running? Also, I noticed you are directly editing your iptables, so if you had ufw/firewalld running -- might as well check it.

Also make sure that the ssh server is running the right IP and the FQDN is routing to the right IP Address.

View more solutions

141,864

jackaraz

Updated on September 18, 2022

Comments

jackaraz almost 2 years

Hi I'm having a problem with my ssh, which is magically stopped working and I couldn't figure out why. The message it give is:

ssh: connect to host <host> port 22: Connection refused

I don't see any error messages when I write dmesg but I'm getting following from telnet localhost 22

Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused

I tried the solutions that I saw in some similar cases [1] and [2] but it still didn't solve my problem the entries and outputs are as follows:

>> sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
>> sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Note that this was already ACCEPT I didn't had any problem even before entering the command sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT. I also tried to reboot ssh but it didn't change anything

>>netstat -a | egrep 'Proto|LISTEN'
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 localhost:20128         *:*                     LISTEN     
tcp        0      0 localhost:17600         *:*                     LISTEN     
tcp        0      0 localhost:20129         *:*                     LISTEN     
tcp        0      0 localhost:17603         *:*                     LISTEN     
tcp        0      0 localhost:21128         *:*                     LISTEN     
tcp        0      0 deathstar:domain        *:*                     LISTEN     
tcp        0      0 localhost:ipp           *:*                     LISTEN     
tcp        0      0 *:db-lsp                *:*                     LISTEN     
tcp6       0      0 ip6-localhost:ipp       [::]:*                  LISTEN     
tcp6       0      0 [::]:db-lsp             [::]:*                  LISTEN

I don't know what else to try so hope this is enough to solve the problem.

Rest is added after @Ashu's comment

sudo lsof -i | grep ssh

nothing happened

>>netstat -l --numeric-ports | grep 22
unix  2      [ ACC ]     STREAM     LISTENING     1618183  @jack-com.canonical.Unity.Master.Scope.files.T1731348652205882

>>sudo iptables --list
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Eddited after @TheSchwa's comment

>>ps aux | grep sshd
jack      3711  0.0  0.0  15944  2220 pts/26   S+   14:08   0:00 grep --color=auto sshd

Ashu over 8 years

can you try these commands 'sudo lsof -i | grep ssh', 'netstat -l --numeric-ports | grep 22', 'sudo iptables --list'
TheSchwa over 8 years

On what machine are you running telnet localhost 22? Do you have any way to access the remote machine other than ssh?
jackaraz over 8 years

@Ashu I added them in the question.
jackaraz over 8 years

@TheSchwa I can physically access to the machine if you are asking that and all those commands above ran in the machine that I'm trying to ssh in to.
TheSchwa over 8 years

Check if sshd is running on the remote machine with ps aux | grep sshd.
jackaraz over 8 years

@TheSchwa added the output in the question
TheSchwa over 8 years

So sshd is the program that runs on the remote computer and allows you to ssh into it. If it's not running you won't be able to ssh. Try sudo service sshd start on the remote machine and post the output. If it says SUCCESS try to ssh again and see if it's fixed.

jackaraz over 8 years

I had so many similar lines ending with CLOSE_WAIT LISTEN ESTABLISHED etc. but I dont know the meaning of all those lines
unil over 8 years

It is best to make sure you outline the steps found on the page you linked in your answer, because links may become broken at any time. By all means add a link for reference, however always make sure to include the steps too.
unil over 8 years

True, but a wiki page can easily changed by anyone. I have known wiki pages to be moved without the old reference being linked to the new location. However, I appreciate the fact that you already knew about the ruling - just remember that any link/site/page can change or be deleted at any time (regardless of its location).
bhelm almost 6 years

unexpected, but did work :
Admin about 2 years

indeed. this worked. What a beautiful solution.