LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   SSH connection refused (https://www.linuxquestions.org/questions/linux-newbie-8/ssh-connection-refused-907089/)

TheOrganist25 10-08-2011 07:09 AM

SSH connection refused
 
Hi all,
I am relatively new to Linux, am running LinuxMint (Katya). I have been able to ssh into my box from outside (including Putty) previously, and can ssh out from my box. For some reason I no longer can ssh in. I've read a lot of the forums and tried a lot like wiping the known_hosts and flushing iptables. Output from iptables -L is:

Quote:

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I have a dyndns account which I regularly check to make sure it's correct, and the port forwarding settings are also correct.

I simply get:

Quote:

Connection refused
Help is much appreciated.

fukawi1 10-08-2011 07:28 AM

Try adding the "-v" option to the ssh command for more information as to why the connection is being refused.

TheOrganist25 10-08-2011 07:34 AM

Quote:

niccourtman@Sarah-Jane ~ $ ssh -v -p ##### niccourtman@niccourtman.dyndns.org
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to niccourtman.dyndns.org [86.184.34.109] port #####.
debug1: connect to address 86.184.34.109 port #####: Connection refused
ssh: connect to host niccourtman.dyndns.org port #####: Connection refused
This is what I get.

fukawi1 10-08-2011 07:36 AM

Ok, so i probably should have made that -vvv

TheOrganist25 10-08-2011 07:39 AM

Quote:

niccourtman@Sarah-Jane ~ $ ssh -vvv -p ##### niccourtman@niccourtman.dyndns.org
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to niccourtman.dyndns.org [86.184.34.109] port #####.
debug1: connect to address 86.184.34.109 port #####: Connection refused
ssh: connect to host niccourtman.dyndns.org port #####: Connection refused
What does vvv do?

fukawi1 10-08-2011 07:48 AM

-v increases verbosity, -vvv increases it more... you should be seeing some "debug3" messages, im not sure why your not getting that..

try "netstat -tnlp" to see if sshd is listening on the correct port.

Juako 10-08-2011 07:53 AM

More v's add verbosity (man ssh...). Perhaps the server has some more info in its logs?

Try
Code:

grep -Ri ssh /var/log/*

TheOrganist25 10-08-2011 07:54 AM

Quote:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5900 0.0.0.0:* LISTEN 1896/vino-server
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 912/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1064/cupsd
tcp 0 0 127.0.0.1:8089 0.0.0.0:* LISTEN 2399/banshee
tcp 0 0 0.0.0.0:17500 0.0.0.0:* LISTEN 1954/dropbox
tcp6 0 0 :::139 :::* LISTEN 903/smbd
tcp6 0 0 :::5900 :::* LISTEN 1896/vino-server
tcp6 0 0 :::22 :::* LISTEN 912/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1064/cupsd
tcp6 0 0 :::445 :::* LISTEN 903/smbd
Should it be listening to the port I'm forwarding through? If so it's not, and how to I change it? Sorry to be a pain.

Juako 10-08-2011 07:57 AM

You should forward some WAN-facing port to tcp/22 on that box.

fukawi1 10-08-2011 07:57 AM

Remove the "-p xxxx" and try it...

TheOrganist25 10-08-2011 08:09 AM

Quote:

niccourtman@Sarah-Jane ~ $ ssh -vvv niccourtman@niccourtman.dyndns.org
OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to niccourtman.dyndns.org [86.184.34.109] port 22.
ssh: connect to host niccourtman.dyndns.org port 22: Connection timed out
It took a long time to time out though.

fukawi1 10-08-2011 08:16 AM

As Juako said, check the port forwards on your router.

Also try "ssh localhost" to try and isolate the problem.

You said that it WAS working, and just stopped working?
What happened prior to that?
Was there an update, a change in router settings, change in sshd_config settings?

As Juako also said, check the sshd logs...
Im not sure where Mint puts them, so use grep as they suggested.

TheOrganist25 10-08-2011 08:22 AM

Ok, so I tried shh localhost and that works.
The only thing I can think is my friend was using Putty to connect and might not have allowed authenticity or something. He was quite vague.

I think this is the appropriate line:

Quote:

/var/log/auth.log:Oct 4 23:19:11 Sarah-Jane sshd[4183]: Did not receive identification string from 78.86.39.58
Although I can't think that that would alter it.

fukawi1 10-08-2011 08:32 AM

ok, im not sure what the deal is with putty, ive only used it a couple of times.

Quote:

I think this is the appropriate line:
there could be other relevant lines in there...


can you try changing LogLevel to DEBUG in /etc/ssh/sshd_config

then

Code:

tail -f /var/log/auth.log
mash on enter a few times, so you can see when the connection attempt starts.

then try and connect again, and post everything that comes up from the blank lines..

TheOrganist25 10-08-2011 08:48 AM

So I get:

Quote:

niccourtman@Sarah-Jane ~ $ tail -f /var/log/auth.log
Oct 8 13:51:11 Sarah-Jane sudo: niccourtman : TTY=pts/0 ; PWD=/home/niccourtman ; USER=root ; COMMAND=/bin/netstat -tnlp
Oct 8 14:12:25 Sarah-Jane sshd[3814]: pam_sm_authenticate: Called
Oct 8 14:12:25 Sarah-Jane sshd[3814]: pam_sm_authenticate: username = [niccourtman]
Oct 8 14:12:25 Sarah-Jane sshd[3814]: Accepted password for niccourtman from 127.0.0.1 port 58037 ssh2
Oct 8 14:12:25 Sarah-Jane sshd[3814]: pam_unix(sshd:session): session opened for user niccourtman by (uid=0)
Oct 8 14:13:07 Sarah-Jane sshd[3932]: Received disconnect from 127.0.0.1: 11: disconnected by user
Oct 8 14:13:07 Sarah-Jane sshd[3814]: pam_unix(sshd:session): session closed for user niccourtman
Oct 8 14:17:01 Sarah-Jane CRON[4099]: pam_unix(cron:session): session opened for user root by (uid=0)
Oct 8 14:17:01 Sarah-Jane CRON[4099]: pam_unix(cron:session): session closed for user root
Oct 8 14:40:27 Sarah-Jane sudo: niccourtman : TTY=pts/0 ; PWD=/home/niccourtman ; USER=root ; COMMAND=/usr/bin/editor /etc/ssh/sshd_config

Is this what you meant?

fukawi1 10-08-2011 10:45 AM

1) how are you forwarding the port?

2) go to http://www.whatsmyip.org does it say your ip is 86.184.34.109

3) i dont know if one can put putty in verbose mode, but if you can, do that? does it have a more descriptive error? is putty set to use the correct port?

4) is the putty box behind a firewall that is preventing it from getting through?

5) did Juako's suggestion of "grep -Ri ssh /var/log/*" come up with any thing?

deep27ak 10-08-2011 10:54 AM

Have you checked whether sshd service is up and running properly on both the machines?

and the iptables setting of both the machines needs to be checked
You have posted the iptables output of your machine and not of the machine of your friend.

There is no issue with putty.

It is something with the sshd service

Check whether your ssh service is up and running
Code:

#ps -aux | grep sshd
Also check for port 22 whether your machine is listening or not

Code:

#netstat -nap | grep :22
Just try restarting the service

Code:

#service sshd restart

and check the connectivity to make sure both machines are in network
Code:

#ping 192.168.0.X(IP of your friends machine)

Try connecting to any other machine whether it gives the same error from both the machines.

(and all the above things needs to be checked on both machines)

frankbell 10-09-2011 09:06 PM

Is the ssh server daemon running on the target machine? Not all distros enable the server (which is what answers your ssh request) by default.

You can check whether it is like this:

Code:

~$ ps -A | grep sshd
 2602 ?        00:00:00 sshd

If the ps command returns nothing, there's nobody home to answer the door when you come knocking.

Also, make sure the ssh port (22 by default) is open in the firewall.

I spent 15 minutes on the phone with a friend today. He was getting the exact results OP is getting and not having sshd running was the reason.


All times are GMT -5. The time now is 07:28 AM.