On CentOS 7 I am faced with the error below:
ssh -vvv ##.###.###.###
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to ##.###.###.### [##.###.###.###] port 22.
debug1: connect to address ##.###.###.### port 22: Connection refused
ssh: connect to host ##.###.###.### port 22: Connection refused
pool-100-1-1-25:~ studiolaptop1$ ssh -vvv ##.###.###.###
Bizarrely, I have been getting this issue for a while now when I try to ssh into my server. I have checked iptables, and it all looks fine. I checked the ssh.config file, and that also looks fine, but clearly something is wrong. How can I solve this?
If the connection is refused, it means the sshd daemon/server is not running. Can you log in to the server locally or via a console?
Try running the following as root on the target server:
lsof -i :22
or on the source server, see if you can connect to the ssh port:
telnet targethost 22
You should get something like the following:
# telnet localhost 22
Trying ::1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.9
Switching from firewallD to iptables had caused this issue. Thus, I needed to add the relevant rules to iptables to allow outbound and inbound connections on port 22.
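The telnet check from the answer above, written as a script that separates the three outcomes seen in the logs on this page (refused, timed out, connected with a banner). This is an added example, not code from any of the posts; `probe_ssh`, `demo_listener` and `unused_port` are hypothetical names, and the listener is a constructed stand-in for sshd so the script runs offline.

```python
import socket
import threading

def probe_ssh(host, port=22, timeout=5.0):
    """Classify one TCP connect: returns (state, detail), state is open/refused/timeout/error."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # Actively rejected: nothing listens on the port, or a firewall
        # rule rejects the packet instead of silently dropping it.
        return "refused", "no listener, or a rejecting firewall rule"
    except (socket.timeout, TimeoutError):
        # No reply at all: packets are dropped somewhere on the path,
        # which is what nmap reports as "filtered".
        return "timeout", "dropped on the path (firewall, security group, ISP)"
    except OSError as exc:
        return "error", str(exc)
    with sock:
        try:
            # An SSH server speaks first, e.g. "SSH-2.0-OpenSSH_6.9".
            banner = sock.recv(256).decode("ascii", "replace").strip()
        except (socket.timeout, TimeoutError):
            banner = ""
    return "open", banner

def demo_listener(banner=b"SSH-2.0-Constructed_1.0\r\n"):
    """Constructed stand-in for sshd: serves one banner on a free local port."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        conn.sendall(banner)
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

def unused_port():
    """Return a local port that nothing is listening on (bind, read, close)."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    print(probe_ssh("127.0.0.1", demo_listener(), 2.0))  # listener present
    print(probe_ssh("127.0.0.1", unused_port(), 2.0))    # no listener
```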
Related
Hello, in recent days I have had a weird problem. I am getting an ssh problem with -vvv:
debug2: resolving "ha-barebone.local" port 22
debug2: ssh_connect_direct
debug1: Connecting to ha-barebone.local [10.0.0.22] port 22.
debug1: connect to address 10.0.0.22 port 22: Connection refused
ssh: connect to host ha-barebone.local port 22: Connection refused
but I can login on that computer as ssh user@127.0.0.1
It happens randomly. I tried to reinstall open ssh, then it worked, then it did not. Service restart does not help, looks like some problem with network. Ping resolves and works well.
I have created a Virtual Machine with multipass, I am trying to connect to this instance over ssh, with the command:
ssh -vvv -i back_key ubuntu@10.136.38.199
At first, I tried to connect to my instance from a GitHub Action, but I got a timeout error; I thought that it may have been a GitHub issue.
But with a second computer, I couldn't connect to the VM either.
The error I got:
ubuntu@laptop-number2:~$ ssh -vvv -i back_key ubuntu@10.136.38.199
OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 10.136.38.199 is address
debug2: ssh_connect_direct
debug1: Connecting to 10.136.38.199 [10.136.38.199] port 22.
debug1: connect to address 10.136.38.199 port 22: Resource temporarily unavailable
ssh: connect to host 10.136.38.199 port 22: Resource temporarily unavailable
Whether it's from GitHub Action or from a second computer, I can't connect to the multipass instance over ssh.
But, I can connect to instance with the host computer.
I thought it may be a Firewall issue, so I disabled it with:
sudo systemctl stop ufw
I did this in the VM and the host machine, then I restarted ssh inside the instance.
The reason I got those issues was the network I was working on. The ssh port for the server couldn't be reached.
I knew that by using nmap:
nmap -Pn -p 22 <IP_OF_SERVER>
The result was: The port is filtered.
Working with a mobile network didn't solve it either, since my ISP blocks this port. The solution was using the network from my house for the ssh server.
So I've managed to cut off the branch I was standing on so to speak. I was connected to a server and I ran sudo pkill where the PID was a process I thought I wanted to kill and I think I killed the ssh process that was listening on port 22.
Here is what happens when I try to connect now:
<computer>:~ <user>$ ssh -p 22 -v <user>@<ipaddress>
OpenSSH_8.1p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 47: Applying options for *
debug1: /etc/ssh/ssh_config line 51: Applying options for *
debug1: Connecting to <ipaddress> [<ipaddress>] port 22.
debug1: connect to address <ipaddress> port 22: Connection refused
ssh: connect to host <ipaddress> port 22: Connection refused
Is there any way I can connect via SSH? Or am I out of luck until I can log in to the machine itself and restart the SSH server?
Try first a curl -v telnet://<user>@<ipaddress>:22
If it does not display a "Connected" message... there is no listener on port 22, which means the SSH daemon has been terminated.
You would then indeed wait for the opportunity to log on again, and restart the SSH daemon.
In a moment of weakness I sheepishly followed a tutorial on how to connect to my Amazon EC2 remote server bypassing a public library's Wifi ssh restriction.
So the first thing I did was add the following (last) line to my /etc/ssh/sshd_config file residing in my remote EC2 Amazon server:
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
ListenAddress 443
Then I restarted the ssh server and, in a genius move, logged out from my remote server. So when in my local machine I do this...
$ ssh -i /path/to/key.pem xxx@xx.xx.xxx.xx -p 443 -v
...I get this:
$ ssh -i /path/to/key.pem xxx@xx.xx.xxx.xx -v -p 443
OpenSSH_6.0p1 Debian-4+deb7u2, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to xx.xx.xxx.xx [xx.xx.xxx.xx] port 443.
debug1: connect to address xx.xx.xxx.xx port 443: Connection timed out
ssh: connect to host xx.xx.xxx.xx port 443: Connection timed out
If I try to ssh to the default port 22 I get this:
OpenSSH_6.0p1 Debian-4+deb7u2, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to xx.xx.xxx.xx [xx.xx.xxx.xx] port 22.
debug1: connect to address xx.xx.xxx.xx port 22: Connection refused
ssh: connect to host xx.xx.xxx.xx port 22: Connection refused
I also added the following line in my Amazon's EC2 'Security Groups'...
Custom TCP port 443
... to no avail.
Did I effectively lock myself out of my remote server? I was following a tutorial on how to tunnel and then this happened. Shouldn't I have just added to /etc/ssh/sshd_config...
Port 443
...instead of 'ListenAddress 443' ?
I have never had problems ssh'ing to my remote server before (which is a Debian Wheezy).
As far as I know I can still detach my volume, re-attach it into a new instance, fix the sshd_config file, etc. I hope there's an alternative to that.
So my question is: Is it possible to connect to my remote server considering the line 'ListenAddress 443' in ssh_config? If so, how? And perhaps more importantly, why is it that I can't connect on Port 22 if I hadn't touched or changed anything in sshd_config besides the ListenAddress 443?
Thanks in advance!
Edit:
telnet xx.xx.xxx.xx 22
Trying xx.xx.xxx.xx...
telnet: Unable to connect to remote host: Connection refused
You can't connect because of one of three reasons:
sshd on the remote server is down because it can't parse ListenAddress 443.
sshd parsed ListenAddress 443 into an IP address ('443' can be interpreted as an IP address - an IPv4 address is represented at low levels by a 32-bit unsigned integer) but was unable to bind to the IP address represented by '443' and is down.
sshd parsed ListenAddress 443 into an IP address, successfully bound to that IP address, and is now running and listening for incoming connections on "0.0.1.187" or some similar interpretation of '443' as an IP address.
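A small check for the mistake in the question above: a bare number given to ListenAddress where Port was meant, together with the address that number becomes when read as a 32-bit IPv4 value, as the answer describes. This is an added example, not code from the post or from OpenSSH; `lint_listen_address` is a hypothetical helper and both config strings are constructed samples.

```python
import ipaddress
import re

# Constructed samples: the first is the fragment from the question above,
# the second is the alternative the asker proposes (Port instead of ListenAddress).
QUESTION_CONFIG = """\
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
ListenAddress 443
"""
PORT_CONFIG = """\
Port 443
ListenAddress 0.0.0.0
"""

def lint_listen_address(config_text):
    """Return (line_no, value, as_ipv4, suggestion) for each ListenAddress
    whose argument is a bare number, i.e. a port typed into the wrong keyword."""
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        fields = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(fields) != 2 or fields[0].lower() != "listenaddress":
            continue
        value = fields[1].strip()
        if not re.fullmatch(r"[0-9]+", value) or int(value) > 0xFFFFFFFF:
            continue
        # A lone number read as an IPv4 address is the raw 32-bit value
        # (inet_aton-style parsing), the case the answer above describes.
        as_ipv4 = str(ipaddress.IPv4Address(int(value)))
        port = int(value)
        suggestion = f"Port {port}" if 1 <= port <= 65535 else "not a valid port"
        findings.append((line_no, value, as_ipv4, suggestion))
    return findings

if __name__ == "__main__":
    for finding in lint_listen_address(QUESTION_CONFIG):
        print("line %d: ListenAddress %s -> address %s; did you mean '%s'?" % finding)
    print(lint_listen_address(PORT_CONFIG))
```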
So I'm on my local machine, and I'm sshing into a google compute server.
From this google compute server, I'm trying to establish an ssh tunnel to a third party server ($host) using the following command:
ssh username@$host -L 3306:127.0.0.1:3306 -N
And after hanging for 20-30 seconds, I get:
ssh: connect to host $host port 22: Connection timed out
I can use the exact same command on my local machine to the third party server and it works fine.
I've killed anything using the 3306 port on the google compute server.
I've opened port 22 and 3306 on the google server through the interface (though I can't tell if this applies to outbound connections also).
Not sure where to go from here, any help would be appreciated.
Edit1: The google server can successfully ping the third party server.
Edit2: Just tried it from the company server, it doesn't work there either. Both the google-compute and the company server are linux (Deb Wee and Ubuntu respectively) and the local machine is windows. The fact that I'm sshing into them shouldn't make a difference, should it?
Edit3: Changed the default SSH port on the google server to 22222 and connected to it using that instead. Trying to connect to third party now with:
sudo ssh -p 22 username@$host -L 3306:127.0.0.1:3306 -N -v -v -v
Debug output is:
OpenSSH_6.6.1, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to $host [$host] port 22.
And after that it just hangs.
Debug output on local machine using same command is:
OpenSSH_4.6p1, OpenSSL 0.9.8e 23 Feb 2007
debug2: ssh_connect: needpriv 0
debug1: Connecting to $host [$host] port 22.
debug1: Connection established.
*other junk*
Turns out the third party server had ssh blocked from anywhere outside Australia.
-_-