Software & AppsOperating SystemLinux

Fixing “ssh: connect to host port 22: Connection refused” Error

Ubuntu 18

In this article, we will delve into the common SSH error: “ssh: connect to host <host> port 22: Connection refused”. This error message indicates that the SSH connection is being refused by the server. The reasons for this issue can vary, but we will explore some of the most common causes and their solutions.

Understanding the Error

Before we move forward, let’s understand what this error message means. SSH (Secure Shell) is a protocol used to securely connect to a remote server. The default port for SSH is 22, hence the mention in the error message. When you see this error, it means that your SSH client is not able to establish a connection to the server on port 22.

Possible Causes and Solutions

1. SSH Server Not Running

The first thing to check is whether the SSH server (sshd) is running on the remote machine. You can do this by running the following command:

ps aux | grep sshd

This command will list all running processes and filter for ‘sshd’. If you don’t see any sshd process running, that means the SSH server is not running. To start it, use the following command:

sudo service ssh start

This command will start the SSH service on your server.

2. SSH Port Not Open

The next thing to check is whether port 22 is open and allowed through the firewall. You can check the firewall rules with the following command:

sudo iptables --list

This command will list all the current firewall rules. Look for a rule that allows incoming traffic on port 22. If you don’t find one, you can add the rule using the following command:

sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT

This command will add a rule to the firewall to accept all incoming TCP connections on port 22.

3. Port 22 Occupied by Another Service

Another possibility is that port 22 is being used by another service. To check this, run the following command:

netstat -l --numeric-ports | grep 22

This command will list all services listening on ports and filter for port 22. If you see a service other than SSH using this port, you will need to stop or reconfigure that service to free up the port.

4. Incorrect SSH Configuration

Sometimes, the SSH configuration file might have been altered, changing the default port. The configuration file can be found at /etc/ssh/sshd_config. Check to see if the port specified in the file matches the port you are trying to connect to.

5. Network-Level Firewalls or Routers

If you’re connecting from a different network, make sure that the SSH service is allowed through any network-level firewalls or routers. Some routers or firewalls may block SSH connections by default.

6. Restart SSH Service

After making any changes to the firewall rules or SSH configuration, don’t forget to restart the SSH service to apply the changes. This can be done using the following command:

sudo service ssh restart

Conclusion

Troubleshooting SSH errors can be a bit challenging, but with a systematic approach, you can identify and resolve the issue. Always remember to check the basics first – the SSH service, port configuration, and firewall settings. With these steps, you should be able to fix the “ssh: connect to host <host> port 22: Connection refused” error. If the problem persists, it might be a good idea to seek help from a network administrator or a professional with experience in network troubleshooting.

Remember, making changes to your SSH and firewall configurations can potentially expose your server to security risks, so always ensure you understand the implications of the changes you’re making.

How can I check if the SSH server is running on the remote machine?

To check if the SSH server is running on the remote machine, you can use the command ps aux | grep sshd. This command will list all running processes and filter for ‘sshd’. If you don’t see any sshd process running, it means the SSH server is not running.

How can I start the SSH service on my server?

To start the SSH service on your server, you can use the command sudo service ssh start. This command will start the SSH service on your server.

How can I check if port 22 is open and allowed through the firewall?

To check if port 22 is open and allowed through the firewall, you can use the command sudo iptables --list. This command will list all the current firewall rules. Look for a rule that allows incoming traffic on port 22.

How can I add a firewall rule to allow incoming traffic on port 22?

To add a firewall rule to allow incoming traffic on port 22, you can use the command sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT. This command will add a rule to the firewall to accept all incoming TCP connections on port 22.

How can I check if port 22 is being used by another service?

To check if port 22 is being used by another service, you can use the command netstat -l --numeric-ports | grep 22. This command will list all services listening on ports and filter for port 22. If you see a service other than SSH using this port, you will need to stop or reconfigure that service to free up the port.

Where can I find the SSH configuration file?

The SSH configuration file can be found at /etc/ssh/sshd_config. You can check this file to see if the port specified matches the port you are trying to connect to.

What should I do if I’m connecting from a different network and can’t establish an SSH connection?

If you’re connecting from a different network and can’t establish an SSH connection, make sure that the SSH service is allowed through any network-level firewalls or routers. Some routers or firewalls may block SSH connections by default.

How can I restart the SSH service after making changes to the firewall rules or SSH configuration?

To restart the SSH service after making changes to the firewall rules or SSH configuration, you can use the command sudo service ssh restart. This command will apply the changes and restart the SSH service.

What should I do if I’m still experiencing the “ssh: connect to host port 22: Connection refused” error after trying these solutions?

If the problem persists, it might be a good idea to seek help from a network administrator or a professional with experience in network troubleshooting. They can help further investigate and resolve the issue.

Is it important to consider the security implications when making changes to SSH and firewall configurations?

Yes, it is crucial to consider the security implications when making changes to SSH and firewall configurations. Making incorrect changes can potentially expose your server to security risks. Always ensure you understand the implications of the changes you’re making and take necessary precautions to protect your system.

Leave a Comment

Your email address will not be published. Required fields are marked *