LinuxQuestions.org
Old 01-12-2009, 04:56 PM   #1
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Rep: Reputation: 15
SSH Connection Refused


Greetings All,

I have had the following problem for quite some time now and not been able to resolve it so I thought I would ask here;

I am trying to SSH into a client's VPS server and it works to start with. Then I rebuild it to exactly the same OS and I cannot for the life of me login to SSH... I changed the SSH port using HyperVM's filemanager, restarted SSHD, rebooted the server several times, had my tech do absolutely everything he can and still no luck...

Can anyone at all help with this?

Thanks.
 
Old 01-12-2009, 05:35 PM   #2
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
A couple things need to happen to get clues about why the connection is being refused.

First, run:
$ nc -zvw 2 server.ip.here 22

Is the connection refused? If yes, you've got packet filtering happening at some point along the way, and need to fix that before continuing. If no, read on...

Check the logfile that sshd is logging to on the server. On RHEL-family systems, this is /var/log/secure. This will provide useful information about why the connection is being refused.
 
Old 01-12-2009, 05:40 PM   #3
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by anomie View Post
A couple things need to happen to get clues about why the connection is being refused.

First, run:
$ nc -zvw 2 server.ip.here 22

Is the connection refused? If yes, you've got packet filtering happening at some point along the way, and need to fix that before continuing. If no, read on...

Check the logfile that sshd is logging to on the server. On RHEL-family systems, this is /var/log/secure. This will provide useful information about why the connection is being refused.
First off, where do I run that if I cannot connect to the server via SSH?

I checked the file you gave above and got the following message;

Code:
Jan 12 22:07:49 server sshd[27665]: Server listening on :: port 22.
Jan 12 22:07:49 server sshd[27665]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Something else is, I can't access it but my colleagues can.

Any ideas?

Thanks.
 
Old 01-12-2009, 05:43 PM   #4
netpumber
Member
 
Registered: Sep 2007
Location: In My Box
Distribution: Arch Linux
Posts: 384

Rep: Reputation: 32
You have to change the port number in sshd_config file and not in ssh_config..
 
Old 01-12-2009, 05:45 PM   #5
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by netpumber View Post
You have to change the port number in sshd_config file and not in ssh_config..
Not being funny but I wouldn't be posting here if I hadn't done that.

I have over 6 or 7 years in the hosting industry covering most server type issues and never had this problem.

Thanks.
 
Old 01-12-2009, 05:53 PM   #6
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora
Posts: 3,935
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by tuftystick
First of where do I run that if I cannot connect to the server via SSH?
Run the nc (netcat) scan from the client. The idea here is to establish whether or not tcp 22 is open to you.
 
Old 01-12-2009, 06:04 PM   #7
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
I cannot SSH into the server though...
 
Old 01-12-2009, 06:05 PM   #8
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
I have tried it from my command prompt and the command center in HyperVM and they both return saying unknown action.

Thanks.
 
Old 01-12-2009, 06:18 PM   #9
junpa
Member
 
Registered: Aug 2008
Location: Northern Hemisphere
Distribution: Slackware, OpenVMS, fbsd
Posts: 50

Rep: Reputation: 16
tuftystick,

1. your colleagues can login successfully
o where are they connecting from? home? the noc? the host node?

2. is a firewall configured at any point between the internet and the sshd?

are your colleagues monitoring the firewall logs or the system logs when you are trying to connect?

what is the output of the netcat command when you run it from the command line.

show us so we can better help you.
 
Old 01-12-2009, 06:24 PM   #10
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by junpa View Post
tuftystick,

1. your colleagues can login successfully
o where are they connecting from? home? the noc? the host node?

2. is a firewall configured at any point between the internet and the sshd?

are your colleagues monitoring the firewall logs or the system logs when you are trying to connect?

what is the output of the netcat command when you run it from the command line.

show us so we can better help you.
1. Home
2. No
3. They are tailing everything that would store an SSH connection
4. bash: netcat: command not found

Thanks.
 
Old 01-12-2009, 06:34 PM   #11
junpa
Member
 
Registered: Aug 2008
Location: Northern Hemisphere
Distribution: Slackware, OpenVMS, fbsd
Posts: 50

Rep: Reputation: 16
netcat is called nc

Code:
junpa@quazi(~):$  nc -zvw 2 qbox.fakelabs.org 22
Warning: inverse host lookup failed for 192.168.1.111: Unknown host
qbox.fakelabs.org [192.168.1.111] 22 (ssh) open
or nmap

Code:
junpa@quazi(~):$ nmap -P0 -p22 qbox.fakelabs.org

Starting Nmap 4.20 ( http://insecure.org ) at 2009-01-13 00:35 CET
Interesting ports on 192.168.1.111:
PORT   STATE SERVICE
22/tcp open  ssh

Nmap finished: 1 IP address (1 host up) scanned in 0.097 seconds
or telnet

Code:
junpa@quazi(~):$ telnet quazi.fakelabs.org 22
Trying 192.168.1.102...
Connected to quazi.fakelabs.org.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.1
replace qbox.fakelabs.org with the server you are trying to connect to.

show us the output of that. you can remove the ip addresses when u paste it.

o can you connect to any other sshd server ?
o did they grep the logs for your ip address?

Last edited by junpa; 01-12-2009 at 06:37 PM.
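
Added example (not part of any post in this thread): the nc, nmap and telnet checks from posts #2 and #11 combined into one Python probe that reports whether the port refused the connection, stayed silent, or answered with an SSH banner. The function names and the local stand-in listener are made up for the illustration; the banner string is the one shown in the thread.

```python
import socket
import threading

def probe_ssh(host, port=22, timeout=2.0):
    """Return (state, detail) for one TCP connection attempt to host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", None)      # RST came back: nothing listening, or a reject rule
    except socket.timeout:
        return ("timeout", None)      # no answer at all: packets dropped, or host down
    except OSError as exc:
        return ("error", str(exc))    # DNS failure, no route, ...
    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(256)
        except socket.timeout:
            return ("open-silent", None)   # handshake done, server sent nothing
        except OSError:
            data = b""
    if not data:
        return ("open-closed", None)       # accepted, then closed without a banner
    line = data.split(b"\n", 1)[0].strip().decode("ascii", "replace")
    return ("open-ssh" if line.startswith("SSH-") else "open-other", line)


def start_listener(banner):
    """Constructed stand-in for sshd on 127.0.0.1; returns the port it got."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def serve():
        while True:
            conn, _ = srv.accept()
            with conn:
                if banner:
                    conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]


if __name__ == "__main__":
    port = start_listener(b"SSH-2.0-OpenSSH_4.3\r\n")   # banner text as seen in the thread
    print(probe_ssh("127.0.0.1", port))
    print(probe_ssh("127.0.0.1", start_listener(b"")))
```

Run it from the machine that cannot log in and from one that can, then compare the two states; "open-closed" points at the server side rather than the network path.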
 
Old 01-12-2009, 06:46 PM   #12
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by junpa View Post
netcat is called nc

Code:
junpa@quazi(~):$  nc -zvw 2 qbox.fakelabs.org 22
Warning: inverse host lookup failed for 192.168.1.111: Unknown host
qbox.fakelabs.org [192.168.1.111] 22 (ssh) open
or nmap

Code:
junpa@quazi(~):$ nmap -P0 -p22 qbox.fakelabs.org

Starting Nmap 4.20 ( http://insecure.org ) at 2009-01-13 00:35 CET
Interesting ports on 192.168.1.111:
PORT   STATE SERVICE
22/tcp open  ssh

Nmap finished: 1 IP address (1 host up) scanned in 0.097 seconds
or telnet

Code:
junpa@quazi(~):$ telnet quazi.fakelabs.org 22
Trying 192.168.1.102...
Connected to quazi.fakelabs.org.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.1
replace qbox.fakelabs.org with the server you are trying to connect to.

show us the output of that. you can remove the ip addresses when u paste it.

o can you connect to any other sshd server ?
o did they grep the logs for your ip address?
Code:
[root@node ~]# nc -zvw 2 74.63.217.94  22
Connection to 74.63.217.94 22 port [tcp/ssh] succeeded!

[root@node ~]# nmap -P0 -p22 74.63.217.94
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2009-01-13 01:41 EET
Nmap finished: 1 IP address (0 hosts up) scanned in 0.215 seconds

[root@node ~]# telnet 74.63.217.94 22
Trying 74.63.217.94...
Connected to 94-217-63-74.reverse.lstn.net (74.63.217.94).
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
That is what I receive SSH'ing into the Host Server.

1. I can connect to the Host Server & our Private VPS

Thanks.
 
Old 01-12-2009, 06:55 PM   #13
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670
You can also test if a port is open using telnet.

telnet <hostname> 22
for example. You won't complete an ssh connection, but you should see a message indicating the version of ssh for example. That tells you that the port is open on the server and you are reaching the server.

If you do reach the server, try "ssh -v user@hostname" or even "ssh -vv user@hostname". That will give verbose information on why a connection is being refused. The -vv (verbose verbose) option will include information from both sides of the connection.

Also check the logs on the server. Some things that can cause a refusal are: a change in the fingerprint of the client; reverse dns lookup failure (if strict is indicated in sshd_config); the client has a new key pair; the user's home directory's permissions are too permissive; the user's ~/.ssh/ or ~/.ssh/id_rsa has group or other read permissions.

Also check the "AllowUsers", "AllowHosts", "DenyUsers" & "DenyHosts" in sshd_config. Using "AllowUsers" will deny all other users.

An entry in authorized_keys can contain allowed hosts (or ip addresses) or commands that are allowed for that user. If you are using public key authentication, check that file. The manpage for sshd or ssh_config may have more information about the format. (I don't remember which one does)

Sometimes, deleting a stale entry in known_hosts on the client can clear up problems. You probably would have the client indicate which entry caused the problem if that is the case.
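
Added example (not from the thread): a Python audit of the file-permission causes listed in post #13. The rules are assumptions based on OpenSSH's known behaviour: sshd with StrictModes rejects a home directory, ~/.ssh or authorized_keys that is writable by group or other, and the ssh client ignores a private key that anyone but its owner can access. Treating every id_* file without a .pub suffix as a private key is a simplification, and the sample tree is constructed.

```python
import os
import stat
import tempfile

def audit_ssh_perms(home):
    """Return a list of (path, octal_mode, problem) for one user's home directory."""
    findings = []

    def check(path, bad_bits, problem):
        try:
            mode = stat.S_IMODE(os.stat(path).st_mode)
        except FileNotFoundError:
            return
        if mode & bad_bits:
            findings.append((path, "%04o" % mode, problem))

    ssh_dir = os.path.join(home, ".ssh")
    # Server side (assumed StrictModes rule): no group/other write bit on these.
    for path in (home, ssh_dir, os.path.join(ssh_dir, "authorized_keys")):
        check(path, 0o022, "writable by group or other")
    # Client side (assumed rule): private keys must carry no group/other bits at all.
    if os.path.isdir(ssh_dir):
        for name in sorted(os.listdir(ssh_dir)):
            if name.startswith("id_") and not name.endswith(".pub"):
                check(os.path.join(ssh_dir, name), 0o077,
                      "private key accessible by group or other")
    return findings


def build_sample_home():
    """Constructed tree: group-writable home and a world-readable private key."""
    home = tempfile.mkdtemp()
    ssh_dir = os.path.join(home, ".ssh")
    os.mkdir(ssh_dir)
    modes = {"authorized_keys": 0o600, "id_rsa": 0o644, "id_rsa.pub": 0o644}
    for name, mode in modes.items():
        path = os.path.join(ssh_dir, name)
        open(path, "w").close()
        os.chmod(path, mode)
    os.chmod(ssh_dir, 0o700)
    os.chmod(home, 0o775)
    return home


if __name__ == "__main__":
    for finding in audit_ssh_perms(build_sample_home()):
        print(finding)
```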
 
Old 01-12-2009, 06:59 PM   #14
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
I tried logging into the server via the node's ssh and it's worked...

Just seems like if I connect like 3 times successfully in a night, it then stops me...

Thanks.
 
Old 01-12-2009, 07:02 PM   #15
tuftystick
Member
 
Registered: Jan 2009
Location: Scotland
Distribution: CentOS 5.3
Posts: 36

Original Poster
Rep: Reputation: 15
Once I stop being allowed to login to one VPS I can't login to any of the others...

But I can login to the Node hosting the VPS's and our private VPS which is off network.

Thanks.
 
  


All times are GMT -5. The time now is 06:51 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration