LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-27-2015, 03:54 AM   #1
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Rep: Reputation: Disabled
How to solve scp ssh port 22 error ?


Hi!

Im trying to use scp to copy changed httpd.conf files to 2 remote machines (the script is executed in one machine from remote and the result is copied to the both).

scp -vvv first_machine_name@ip_address:filename \second_machine_name@second_ip_address:/usr/local/apache/conf

Using RHEL 5.7 with mremote in windows 7 im getting this error:

ssh: connect to host <ip address> port 22: Connection refused

How can I solve it ? Thanks.

Last edited by Revenge7; 03-27-2015 at 04:06 AM.
 
Old 03-27-2015, 07:31 AM   #2
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,604

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
Depends.

1. Can you make an ssh connection to <ip address>?
2. Can you make an ssh connection to <second ip address>?
3. Can you also make an ssh connection to <ip address> from <second ip address>?

A last option (if #1 and #2 work, but you are not allowed #3) is to use the command "scp -3 ....", as this forces the data being copied to go from <ip address> to your system, and then to <second ip address>. It is slower, but gets around a configured limitation that blocks access to <ip address> from <second ip address> (I believe that is the order).

One other thing - if you are using authorized keys for access, then you need the keys between <ip address> and <second ip address> to also be handled on those hosts. (though your error doesn't indicate an authentication failure).

Last edited by jpollard; 03-27-2015 at 07:36 AM.
 
1 members found this post helpful.
Old 03-27-2015, 07:40 AM   #3
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jpollard View Post
Depends.

1. Can you make an ssh connection to <ip address>?
2. Can you make an ssh connection to <second ip address>?
3. Can you also make an ssh connection to <ip address> from <second ip address>?

A last option (if #1 and #2 work, but you are not allowed #3) is to use the command "scp -3 ....", as this forces the data being copied to go from <ip address> to your system, and then to <second ip address>. It is slower, but gets around a configured limitation that blocks access to <ip address> from <second ip address> (I believe that is the order).

One other thing - if you are using authorized keys for access, then you need the keys between <ip address> and <second ip address> to also be handled on those hosts. (though your error doesn't indicate an authentication failure).
Neither 1 nor 2 work. I just can ping between these ips.
 
Old 03-27-2015, 08:08 AM   #4
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,604

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
In that case you have to check the configuration of 1 and 2 as they are denying you access, and is a simpler problem.

Either there is a "hosts.deny" entry, the firewall is blocking access, or the sshd configuration itself is denying access.
 
Old 03-27-2015, 08:46 AM   #5
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jpollard View Post
In that case you have to check the configuration of 1 and 2 as they are denying you access, and is a simpler problem.

Either there is a "hosts.deny" entry, the firewall is blocking access, or the sshd configuration itself is denying access.
I tried to change ssh config files (permit root login yes etc.), but it did not work.
 
Old 03-27-2015, 09:36 AM   #6
schneidz
LQ Guru
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 5,029

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
maybe showing the output of
Code:
:
/usr/bin/sshd -d -d -d # on the server
# and
ssh -v -v -v           # on the client
would provide some diagnostics.

my preliminary guess would be that the server is set to key-based-authentication (no passwords) and the key is missing from the client ?

Last edited by schneidz; 03-27-2015 at 09:38 AM.
 
Old 03-27-2015, 09:51 AM   #7
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by schneidz View Post
maybe showing the output of
Code:
:
/usr/bin/sshd -d -d -d # on the server
# and
ssh -v -v -v           # on the client
would provide some diagnostics.

my preliminary guess would be that the server is set to key-based-authentication (no passwords) and the key is missing from the client ?
There is no such directory /usr/bin/sshd

ssh -v -v -v
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-e escape_char] [-F configfile]
[-i identity_file] [-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[-w tunnel:tunnel] [user@]hostname [command]
 
Old 03-27-2015, 10:18 AM   #8
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 4,604

Rep: Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241Reputation: 1241
try /usr/sbin/sshd. And use the -v -v -v to connect to the server.
 
1 members found this post helpful.
Old 03-27-2015, 10:22 AM   #9
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by jpollard View Post
try /usr/sbin/sshd. And use the -v -v -v to connect to the server.
[root@rppre /usr/local/apache/conf]#/usr/sbin/sshd -v -v -v
sshd: illegal option -- v
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
usage: sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]

[root@rppre /usr/local/apache/conf]#/usr/sbin/sshd -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 980
debug2: parse_server_config: config /etc/ssh/sshd_config len 980
debug3: cipher ok: aes128-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes192-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes256-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: ciphers ok: [aes128-ctr,aes192-ctr,aes256-ctr]
debug1: sshd version OpenSSH_4.3p2
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-d'
debug1: rexec_argv[3]='-d'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on ::.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on 0.0.0.0.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on ::.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on 0.0.0.0.
Bind to port 44 on 0.0.0.0 failed: Address already in use.
Cannot bind any address.
 
Old 03-27-2015, 10:45 AM   #10
michaelk
Moderator
 
Registered: Aug 2002
Posts: 14,961

Rep: Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530
I believe what jpollard and schneidz were trying to indicate is to start sshd on the remote machine with the -d -d -d options to see additional debug messages as well as connecting to the remote server with the -v -v -v. You need to stop the server on the remote PC first before restarting it with -d -d -d.

ssh -v -v -v user@first_system_IP_address

It isn't obvious from your first post whether the error was with the first or second remote PC? Can you connect using ssh to either of the remote PCs?
 
1 members found this post helpful.
Old 03-27-2015, 10:51 AM   #11
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by michaelk View Post
I believe what jpollard and schneidz were trying to indicate is to start sshd on the remote machine with the -d -d -d options to see additional debug messages as well as connecting to the remote server with the -v -v -v. You need to stop the server on the remote PC first before restarting it with -d -d -d.

ssh -v -v -v user@first_system_IP_address

It isn't obvious from your first post whether the error was with the first or second remote PC? Can you connect using ssh to either of the remote PCs?
Error is related to the first PC. I could not connect ssh, it is obvious that connection with ssh to port 22 is refused. These machines are using port 44.
 
Old 03-27-2015, 10:53 AM   #12
michaelk
Moderator
 
Registered: Aug 2002
Posts: 14,961

Rep: Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530Reputation: 1530
If you are using port 44 instead of 22 then can you connect using

ssh -p 44 user@first_system

If a firewall is running does it allow port 44?
 
Old 03-27-2015, 10:58 AM   #13
schneidz
LQ Guru
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 5,029

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
Quote:
Originally Posted by Revenge7 View Post
[root@rppre /usr/local/apache/conf]#/usr/sbin/sshd -v -v -v
sshd: illegal option -- v
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
usage: sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]

[root@rppre /usr/local/apache/conf]#/usr/sbin/sshd -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 980
debug2: parse_server_config: config /etc/ssh/sshd_config len 980
debug3: cipher ok: aes128-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes192-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes256-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: ciphers ok: [aes128-ctr,aes192-ctr,aes256-ctr]
debug1: sshd version OpenSSH_4.3p2
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-d'
debug1: rexec_argv[3]='-d'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on ::.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on 0.0.0.0.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on ::.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on 0.0.0.0.
Bind to port 44 on 0.0.0.0 failed: Address already in use.
Cannot bind any address.
seems like you are not a system/server admin (is this for work or home ?). sorry if this question is condescending; redhat enterprise linux tends to be used in corperate servers.
 
Old 03-27-2015, 11:01 AM   #14
Revenge7
Member
 
Registered: Mar 2015
Posts: 38

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by michaelk View Post
If you are using port 44 instead of 22 then can you connect using

ssh -p 44 user@first_system

If a firewall is running does it allow port 44?
The authenticity of host 'xx.xx.xx.xx (xx.xx.xx.xx) ' can't be established.
RSA key fingerprint is 6b:07:06:17:6f:51:.....
 
Old 03-27-2015, 11:03 AM   #15
schneidz
LQ Guru
 
Registered: May 2005
Location: boston, usa
Distribution: fc-15/ fc-20-live-usb/ aix
Posts: 5,029

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
is it asking you to accept the new key. if you are sure the server changed keys recently, it is probably ok to just type in yes and enter.

else you mite need to manually remove the private key (if redhat defaults to strict key management).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Can ssh over link, but scp stalls and port:443 cannot find a common cipher. houzi Linux - Networking 2 05-01-2014 05:15 PM
[SOLVED] ssh scp key not working to ssh/scp without password rjo98 Linux - Newbie 9 08-22-2011 05:28 PM
scp does not work and gives the following error message: scp: FATAL: Executing ssh1 i akay Linux - Networking 16 09-29-2008 12:41 AM
[Help Me]Error while doing ssh or scp yshra1k Linux - General 2 06-25-2008 04:58 AM
ssh:-error copying using scp matrix13 Linux - Software 1 07-09-2007 12:01 PM


All times are GMT -5. The time now is 07:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration