How to solve scp ssh port 22 error ?
 

Hi!

Im trying to use scp to copy changed httpd.conf files to 2 remote machines (the script is executed in one machine from remote and the result is copied to the both).

scp -vvv first_machine_name@ip_address:filename \second_machine_name@second_ip_address:/usr/local/apache/conf

Using RHEL 5.7 with mremote in windows 7 im getting this error:

ssh: connect to host <ip address> port 22: Connection refused

How can I solve it ? Thanks.

Depends.

1. Can you make an ssh connection to <ip address>?
2. Can you make an ssh connection to <second ip address>?
3. Can you also make an ssh connection to <ip address> from <second ip address>?

A last option (if #1 and #2 work, but you are not allowed #3) is to use the command "scp -3 ....", as this forces the data being copied to go from <ip address> to your system, and then to <second ip address>. It is slower, but gets around a configured limitation that blocks access to <ip address> from <second ip address> (I believe that is the order).

One other thing - if you are using authorized keys for access, then you need the keys between <ip address> and <second ip address> to also be handled on those hosts. (though your error doesn't indicate an authentication failure).

Neither 1 nor 2 work. I just can ping between these ips.

In that case you have to check the configuration of 1 and 2 as they are denying you access, and is a simpler problem.

Either there is a "hosts.deny" entry, the firewall is blocking access, or the sshd configuration itself is denying access.

I tried to change ssh config files (permit root login yes etc.), but it did not work.

maybe showing the output ofwould provide some diagnostics.

my preliminary guess would be that the server is set to key-based-authentication (no passwords) and the key is missing from the client ?

There is no such directory /usr/bin/sshd

ssh -v -v -v
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-e escape_char] [-F configfile]
[-i identity_file] [-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[-w tunnel:tunnel] [user@]hostname [command]

try /usr/sbin/sshd. And use the -v -v -v to connect to the server.

[root@rppre /usr/local/apache/conf]#/usr/sbin/sshd -v -v -v
sshd: illegal option -- v
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
usage: sshd [-46Ddeiqt] [-b bits] [-f config_file] [-g login_grace_time]
[-h host_key_file] [-k key_gen_time] [-o option] [-p port] [-u len]

[root@rppre /usr/local/apache/conf]#/usr/sbin/sshd -d -d -d
debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 980
debug2: parse_server_config: config /etc/ssh/sshd_config len 980
debug3: cipher ok: aes128-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes192-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: cipher ok: aes256-ctr [aes128-ctr,aes192-ctr,aes256-ctr]
debug3: ciphers ok: [aes128-ctr,aes192-ctr,aes256-ctr]
debug1: sshd version OpenSSH_4.3p2
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #0 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-d'
debug1: rexec_argv[3]='-d'
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on ::.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on 0.0.0.0.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on ::.
debug2: fd 3 setting O_NONBLOCK
debug1: Bind to port 44 on 0.0.0.0.
Bind to port 44 on 0.0.0.0 failed: Address already in use.
Cannot bind any address.

I believe what jpollard and schneidz were trying to indicate is to start sshd on the remote machine with the -d -d -d options to see additional debug messages as well as connecting to the remote server with the -v -v -v. You need to stop the server on the remote PC first before restarting it with -d -d -d.

ssh -v -v -v user@first_system_IP_address

It isn't obvious from your first post whether the error was with the first or second remote PC? Can you connect using ssh to either of the remote PCs?

Error is related to the first PC. I could not connect ssh, it is obvious that connection with ssh to port 22 is refused. These machines are using port 44.

If you are using port 44 instead of 22 then can you connect using

ssh -p 44 user@first_system

If a firewall is running does it allow port 44?

seems like you are not a system/server admin (is this for work or home ?). sorry if this question is condescending; redhat enterprise linux tends to be used in corperate servers.

The authenticity of host 'xx.xx.xx.xx (xx.xx.xx.xx) ' can't be established.
RSA key fingerprint is 6b:07:06:17:6f:51:.....

is it asking you to accept the new key. if you are sure the server changed keys recently, it is probably ok to just type in yes and enter.

else you mite need to manually remove the private key (if redhat defaults to strict key management).