Can't connect to SSH server, port 22 refused...

debq · 08-10-2012, 03:49 PM

So I have a CentOS server running on a dedicated machine. I downloaded the opens-server and -clients packages. I can start the server, but cannot connect to it from my laptop. When I attempt to connect from my Mac, the error says it can't connect to port 22.

So I can't really think of anything I did wrong...When I run "/sbin/service sshd status" I get

Code:

/etc/init.d/sshd: line 33 : /etc/sysconfig/sshd: Permission denied
openssh-daemon (pid 3265) is running...

I really hope you guys can help me with this, I've been struggling with it for a while. If anyone needs more information to help debug the problem just lemme know. Just a heads up: I'm a Linux newb, still getting used to everything. Thanks

macemoneta · 08-10-2012, 04:40 PM

You need to open port 22 on the firewall.

debq · 08-10-2012, 05:09 PM

Quote:

Originally Posted by macemoneta

You need to open port 22 on the firewall.

Just tried this... Didn't seem to do the trick. Restarted sshd and also tried opening both port 22s, still no luck.

macemoneta · 08-10-2012, 05:39 PM

Did you remember to apply the change and reload the firewall?

debq · 08-10-2012, 05:50 PM

Quote:

Originally Posted by macemoneta

Did you remember to apply the change and reload the firewall?

Nope, but I tried it again. Still no luck.

macemoneta · 08-10-2012, 05:57 PM

If the server is running on port 22, and the firewall is open, then you should have access on the LAN. If you are still unable to access then either one or the other of these two is not true, or you are trying to connect to the wrong host.

debq · 08-10-2012, 06:23 PM

Quote:

Originally Posted by macemoneta

If the server is running on port 22, and the firewall is open, then you should have access on the LAN. If you are still unable to access then either one or the other of these two is not true, or you are trying to connect to the wrong host.

Pretty sure it should be working. The only criteria I would maybe question is if it's running on port 22. But I figure it has to be since it should run on that by default, from what I understand. I'm all out of ideas at this point.

KinnowGrower · 08-10-2012, 08:11 PM

Please show the out put of the

Code:

#netstat -natup

also 'cut and paste' the complete ( it should show the username on the system) command from client side your are invoking. Please show the error message as well.

debq · 08-10-2012, 10:35 PM

Quote:

Originally Posted by KinnowGrower

Please show the out put of the

Code:

#netstat -natup

also 'cut and paste' the complete ( it should show the username on the system) command from client side your are invoking. Please show the error message as well.

Output of command:

Code:

[root@Joe ~]# netstat -natup
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      1734/rpcbind        
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2126/sshd           
tcp        0      0 127.0.0.1:631               0.0.0.0:*                   LISTEN      1975/cupsd          
tcp        0      0 127.0.0.1:25                0.0.0.0:*                   LISTEN      2206/master         
tcp        0      0 0.0.0.0:34947               0.0.0.0:*                   LISTEN      1905/rpc.statd      
tcp        0      0 192.168.1.10:35786          23.66.230.218:80            ESTABLISHED 2531/clock-applet   
tcp        0      0 :::111                      :::*                        LISTEN      1734/rpcbind        
tcp        0      0 :::22                       :::*                        LISTEN      2126/sshd           
tcp        0      0 ::1:631                     :::*                        LISTEN      1975/cupsd          
tcp        0      0 :::39837                    :::*                        LISTEN      1905/rpc.statd      
udp        0      0 0.0.0.0:5353                0.0.0.0:*                               1887/avahi-daemon   
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               1734/rpcbind        
udp        0      0 0.0.0.0:43888               0.0.0.0:*                               1887/avahi-daemon   
udp        0      0 0.0.0.0:631                 0.0.0.0:*                               1975/cupsd          
udp        0      0 0.0.0.0:57211               0.0.0.0:*                               1905/rpc.statd      
udp        0      0 0.0.0.0:637                 0.0.0.0:*                               1734/rpcbind        
udp        0      0 0.0.0.0:809                 0.0.0.0:*                               1905/rpc.statd      
udp        0      0 0.0.0.0:68                  0.0.0.0:*                               2595/dhclient       
udp        0      0 :::36330                    :::*                                    1905/rpc.statd      
udp        0      0 :::111                      :::*                                    1734/rpcbind        
udp        0      0 :::637                      :::*                                    1734/rpcbind        
[root@Joe ~]#

This is the command I invoke on the client to connect to the server:

Code:

new-host:~ joe$  ssh root@173.85.114.242
ssh: connect to host 173.85.114.242 port 22: Connection refused

I've tried connecting as root and as the primary user account, both don't work.
Hope that's what you were looking for.

macemoneta · 08-11-2012, 03:09 AM

Root should be refused by default, unless you've changed that in the configuration. Port 22 is listening, so sshd is running. The problem is likely in your firewall configuration. Try running the configuration tool and hit 'disable' to stop the firewall. With the firewall down, try to ssh (as a user, not root).

debq · 08-11-2012, 07:54 AM

Quote:

Originally Posted by macemoneta

Root should be refused by default, unless you've changed that in the configuration. Port 22 is listening, so sshd is running. The problem is likely in your firewall configuration. Try running the configuration tool and hit 'disable' to stop the firewall. With the firewall down, try to ssh (as a user, not root).

Disabled firewall, applied, still get

Code:

:~ joe$  ssh Joe@173.85.114.242
ssh: connect to host 173.85.114.242 port 22: Connection refused

If I try connecting with a two word username(which does not exist on the server), I get

Code:

:~ joe$  ssh Joe k@173.85.114.242
ssh: Could not resolve hostname Joe: nodename nor servname provided, or not known

It probably means nothing. But it's the only result I've ever gotten besides "Connection refused".

My next guess is maybe it has something to do with my router? Maybe forward ports or something? If the machine is running like its supposed to thats the only thing I can think of.

macemoneta · 08-11-2012, 08:07 AM

Your router only comes into play if you are trying to access the host from the Internet.

KinnowGrower · 08-11-2012, 10:46 AM

Can you please paste output of the command (run on ssh server) ?

Code:

ip addr

Also try ssh using private IP if possible.

Also you can do the following to troubleshoot
When you are running ssh command at client. Before that run the command at ssh server and watch for errors

Code:

#tail -f /var/log/auth.log

It will give you info what is happening at server side

debq · 08-11-2012, 02:06 PM

Quote:

Originally Posted by KinnowGrower

Can you please paste output of the command (run on ssh server) ?

Code:

ip addr

Also try ssh using private IP if possible.

Also you can do the following to troubleshoot
When you are running ssh command at client. Before that run the command at ssh server and watch for errors

Code:

#tail -f /var/log/auth.log

It will give you info what is happening at server side

Ok so I've been trying to connect to my public IP. Stupidly enough, I just now tried my private IP and it finally connected. Though how would I go about connecting when I'm not on my LAN network?

KinnowGrower · 08-11-2012, 03:14 PM

Either connect to the server at private LAN IP, using vpn or Public IP, and it should work.