Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have had the following problem for quite some time now and not been able to resove it so I thought I would ask here;
I am trying to SSH into a clients VPS server and it works to start with. Then I reuild it to exactly the same OS and I cannot for the life of me login to SSH... I changed the SSH port using HyperVM's filemanager, restarted SSHD, rebooted the server several times, had my tech do absolutely everything he can and still no luck...
A couple things need to happen to get clues about why the connection is being refused.
First, run: $ nc -zvw 2 server.ip.here 22
Is the connection refused? If yes, you've got packet filtering happening at some point along the way, and need to fix that before continuing. If no, read on...
Check the logfile that sshd is logging to on the server. On RHEL-family systems, this is /var/log/secure. This will provide useful information about why the connection is being refused.
A couple things need to happen to get clues about why the connection is being refused.
First, run: $ nc -zvw 2 server.ip.here 22
Is the connection refused? If yes, you've got packet filtering happening at some point along the way, and need to fix that before continuing. If no, read on...
Check the logfile that sshd is logging to on the server. On RHEL-family systems, this is /var/log/secure. This will provide useful information about why the connection is being refused.
First of where do I run that if I cannot connect to the server via SSH?
I checked the file you gave above and got the following message;
Code:
Jan 12 22:07:49 server sshd[27665]: Server listening on :: port 22.
Jan 12 22:07:49 server sshd[27665]: error: Bind to port 22 on 0.0.0.0 failed: Address already in use.
Something else is, I can't access it but my colleagues can.
junpa@quazi(~):$ nc -zvw 2 qbox.fakelabs.org 22
Warning: inverse host lookup failed for 192.168.1.111: Unknown host
qbox.fakelabs.org [192.168.1.111] 22 (ssh) open
or nmap
Code:
junpa@quazi(~):$ nmap -P0 -p22 qbox.fakelabs.org
Starting Nmap 4.20 ( http://insecure.org ) at 2009-01-13 00:35 CET
Interesting ports on 192.168.1.111:
PORT STATE SERVICE
22/tcp open ssh
Nmap finished: 1 IP address (1 host up) scanned in 0.097 seconds
or telnet
Code:
junpa@quazi(~):$ telnet quazi.fakelabs.org 22
Trying 192.168.1.102...
Connected to quazi.fakelabs.org.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.1
replace qbox.fakelabs.org with the server you are trying to connect to.
show us the output of that. you can remove the ip addresses when u paste it.
o can you connect to any other sshd server ?
o did they grep the logs for your ip address?
junpa@quazi(~):$ nc -zvw 2 qbox.fakelabs.org 22
Warning: inverse host lookup failed for 192.168.1.111: Unknown host
qbox.fakelabs.org [192.168.1.111] 22 (ssh) open
or nmap
Code:
junpa@quazi(~):$ nmap -P0 -p22 qbox.fakelabs.org
Starting Nmap 4.20 ( http://insecure.org ) at 2009-01-13 00:35 CET
Interesting ports on 192.168.1.111:
PORT STATE SERVICE
22/tcp open ssh
Nmap finished: 1 IP address (1 host up) scanned in 0.097 seconds
or telnet
Code:
junpa@quazi(~):$ telnet quazi.fakelabs.org 22
Trying 192.168.1.102...
Connected to quazi.fakelabs.org.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.1
replace qbox.fakelabs.org with the server you are trying to connect to.
show us the output of that. you can remove the ip addresses when u paste it.
o can you connect to any other sshd server ?
o did they grep the logs for your ip address?
Code:
[root@node ~]# nc -zvw 2 74.63.217.94 22
Connection to 74.63.217.94 22 port [tcp/ssh] succeeded!
[root@node ~]# nmap -P0 -p22 74.63.217.94
Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2009-01-13 01:41 EET
Nmap finished: 1 IP address (0 hosts up) scanned in 0.215 seconds
[root@node ~]# telnet 74.63.217.94 22
Trying 74.63.217.94...
Connected to 94-217-63-74.reverse.lstn.net (74.63.217.94).
Escape character is '^]'.
SSH-2.0-OpenSSH_4.3
That is what I receive SSH'ing into the Host Server.
1. I can connect to the Host Server & our Private VPS
telnet <hostname> 22
for example. You won't complete an ssh connection, but you should see a message indicating the version of ssh for example. That tells you that the port is open on the server and you are reaching the server.
If you do reach the server, try "ssh -v user@hostname" or even "ssh -vv user@hostname". That will give verbose information on why a connection is being refused. The -vv (verbose verbose) option will include information from both sides of the connection.
Also check the logs on the server. Some things that can cause a refusal are: a change in the fingerprint of the client; reverse dns loopup failure (if strict is indicated in sshd_config); the client has a new key pair; the user's home directories permissions are too permissive; the user's ~/.ssh/ or ~/.ssh/id_rsa has group or other read permissions.
Also check the "AllowUsers", "AllowHosts", "DenyUsers" & "DenyHosts" in sshd_config. Using "AllowUsers" will deny all other users.
An entry in authorized_keys can contain allowed hosts (or ip addresses) or commands that are allowed for that user. If you are using public key authentication, check that file. The manpage for sshd or ssh_config may have more information about the format. (I don't remember which one does)
Sometimes, deleting a stale entry in known_hosts on the client can clear up problems. You probably would have the client indicate which entry caused the problem if that is the case.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
