Ssh: connect to host, Connection timed out ...

gabsik · 10-07-2018, 11:16 AM

Hi LQ.
I have Debian stretch running on this server and i have issues connecting to SSH from any machine to this server.
Server side i have no firewall running and this is the output connecting from my laptop DEBUG3:

Code:

user1@mylaptop:~$ ssh -T -i .ssh/id_ed25519 -p22222 -vvv user1@mydomain
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /home/user1/.ssh/config
debug1: /home/user1/.ssh/config line 1: Applying options for *
debug3: kex names ok: [curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1]
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "MYDOMAIN" port 22222
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to MYDOMAIN [5.6.1.4] port 22222.
debug1: connect to address 5.6.1.4 port 22222: Connection timed out
ssh: connect to host MYDOMAIN port 22222: Connection timed out

From localhost server side connection was successfull.

It might looks like as a connection issue due to data loss or bandwidht but as i said i tried connecting from different machines in the same network and from different networks and it is a connection time out always.
I have instead connected successfully from any client to any other sshd on any other server, so, this is the server configuration in charge:

Quote:

Port 22222
AddressFamily inet
ListenAddress 0.0.0.0
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
MaxStartups 9:20:30
LoginGraceTime 40m
PermitRootLogin no
StrictModes yes
MaxAuthTries 3
MaxSessions 3
AuthorizedKeysFile .ssh/authorized_keys
PubkeyAuthentication yes
AllowUsers user1
IgnoreRhosts yes
PasswordAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM no
AllowAgentForwarding yes
AllowTcpForwarding yes
GatewayPorts no
X11Forwarding no
PermitTTY yes
PrintMotd no
PrintLastLog yes
TCPKeepAlive no
ClientAliveInterval 2024
ClientAliveCountMax 1
ServerAliveInterval 5s
UseLogin no
UsePrivilegeSeparation yes
PermitUserEnvironment no
Compression no
UseDNS no
PidFile /var/run/sshd.pid
MaxStartups 10:30:100
PermitTunnel no
#ChrootDirectory none
VersionAddendum none
AcceptEnv LANG LC_*
Banner /etc/issue.net
Subsystem sftp /usr/lib/openssh/sftp-server

i have considered 3 causes for the connection timeout:
1) firewall
2) server side miss configuration
3) Bandwidht congestions or damages.
None of these 3 is the cause.

Wait for your answer,
Have a good evening.

Regards

average_user · 10-07-2018, 11:40 AM

Does 'ssh user@localhost' done on the server itself work?

berndbausch · 10-07-2018, 11:47 AM

In addition to Arkadiusz's suggestion:

Code:

ss -lntp | grep 22222

on the server to check if anything listens at this port.

Code:

tcpdump -neli any port 22222

to see the traffic.

Code:

journalctl -u sshd

for useful log messages.

gabsik · 10-07-2018, 01:18 PM

Sshd is 'listening' on port 22222 is running regulary and no sign in logs of any kind.
It can only be some vps provider issue, i think at this stage. i have just sent an email to the support peoples.
Don't know what else to think ...
The only active access i can have is through the vps provider template ssh client application that connects to some chrooted recovery sshd listening on regular port 22.
Once logged in i manage to connect to my sshd listening on localhost port 22222 by user1.