LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 04-24-2012, 01:09 PM   #1
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Rep: Reputation: Disabled
SSH Connection Refused


Dear All,

I installed the RHEL 5.6 on VM.

I used ssh from another host to this new machine. Encountered the following:
ssh: connect to host 172.20.2.2 port 22: Connection refused

I check the new machine information as the follows:
========================
iptables:
Fire wall is stopped
ps outputs:
root 4002 1 0 09:23 00:00:00 /usr/sbin/sshd
port 22 status:
sshd 4002 root 3u IPv4 12673 TCP *:ssh(LISTEN)
=========================

I also can use ssh to itself.

I can not use scp to copy files from other hosts to the new machine and can not use PUTTY to log on it.

From the strace outputs i only found the following, but i can not find the root cause from it.
=========================
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("172.20.2.2")}, 16) = -1 ECONNREFUSED (Connection refused)
close(3) = 0
write(2, "ssh: connect to host 172.20.2."..., 64ssh: connect to host 172.20.2.2 port 22: Connection refused
) = 64
exit_group(255) = ?
==========================

Please give me some suggestions.

Best Regards.
 
Old 04-24-2012, 02:41 PM   #2
lithos
Senior Member
 
Registered: Jan 2010
Location: SI : 45.9531, 15.4894
Distribution: CentOS, OpenNA/Trustix, testing desktop openSuse 12.1 /Cinnamon/KDE4.8
Posts: 1,144

Rep: Reputation: 217Reputation: 217Reputation: 217
Hi,

I can only give you some points to check, like:

1. try to connect to your server with:
Code:
# ssh -v username@server_ip

or even add some more "v"
ssh -vv ...
to see what is happening when ssh protocol is connecting to your server.

2. check this post here at LQ

and important, if you make any changes FIRST backup your "sshd_config" file and then restart sshd to apply changes!

Since you're running RHEL, why don't you follow some SSH setup example?
SSH install and config

Last edited by lithos; 04-24-2012 at 02:44 PM.
 
Old 04-24-2012, 04:41 PM   #3
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
Hi Thanks for your information.

The issue persists.

ssh -vv outputs as follows:
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 172.20.2.2 [172.20.2.2] port 22.
debug1: connect to address 172.20.2.2 port 22: Connection refused
ssh: connect to host 172.20.2.2 port 22: Connection refused
 
Old 04-24-2012, 04:53 PM   #4
berkguy
LQ Newbie
 
Registered: Apr 2012
Posts: 2

Rep: Reputation: Disabled
Is that a public ip? because I couldn't connect to it either.
 
Old 04-24-2012, 05:36 PM   #5
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 656Reputation: 656Reputation: 656Reputation: 656Reputation: 656Reputation: 656
Could you check the logs on the server. Sometimes they will say why the connection was refused.

Some things that could cause problems:
  • Permissions of $HOME/.ssh are too lax
  • Permissions of $HOME are too lax
  • UseDNS yes in /etc/ssh/sshd_config, and you don't have a dns entry or entry in /etc/hosts
  • Entry in /etc/hosts has hostname.domain or hostname listed first, when other is expected. Check for username@hostname in known_hosts entry or authorized_keys entry. It's at the end.
  • AllowUsers is used in /etc/sshd/sshd_config and you are not listed
 
Old 04-24-2012, 06:35 PM   #6
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by berkguy View Post
Is that a public ip? because I couldn't connect to it either.
Sorry the ip address is just an example. Not a really IP address
 
Old 04-25-2012, 04:53 AM   #7
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 13.1
Posts: 1,323

Rep: Reputation: 252Reputation: 252Reputation: 252
/etc/hosts.allow and /etc/hosts.deny could also be in the game. Do they block access to the sshd?
 
Old 04-25-2012, 09:14 AM   #8
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
Hi All,

Firstly, thanks for all your suggestions.

>>/etc/hosts.allow and /etc/hosts.deny
I just installed the OS. I didn't enter any information into these files. Thanks

>>i am root authentication

>>/etc/hosts file
Thanks for the information. I already added the hosts information into this file. I can ping outside hosts before, i suspected the hosts file wasn't the root cause, right?

I can ssh to itself, so i suspect my ssh should be installed, does it make sense?

I am a noob, thanks for all your suggestions!

Best Regards.
 
Old 04-25-2012, 09:39 AM   #9
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
I tried to use ssh form the new host to the outside host. From the strace information, i found it displayed "read from socket failed:Connect"

If the issue can not be resolved, i will reinstall the OS. It doesn't matter. I only concern with the strange behavior.

Regards
 
Old 04-25-2012, 09:43 AM   #10
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 13.1
Posts: 1,323

Rep: Reputation: 252Reputation: 252Reputation: 252
What do you mean by
Quote:
I also can use ssh to itself.
in detail? ssh localhost or ssh 172.20.2.2? Maybe the firewall treats it different.
 
Old 04-25-2012, 10:23 AM   #11
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Reuti View Post
What do you mean by in detail? ssh localhost or ssh 172.20.2.2? Maybe the firewall treats it different.
On the new host, it can use ssh to itself.
$ssh 172.20.2.2

Iptables status is stopped and i also disable SELINUX. Outside hosts' iptables status is also stopped.

Regards.
 
Old 04-25-2012, 01:51 PM   #12
sirius12
LQ Newbie
 
Registered: Apr 2012
Posts: 9

Original Poster
Rep: Reputation: Disabled
Thanks for all your help. I have resolved the problem.
I found the ip address has a conflict with another host. I change the ip address but the issue persists.
Then i compared with the other hosts which can ssh on, i found i used a wrong gw. After i add the default gw, i can use ssh.

Thanks for all your help.

cheers.
 
Old 04-25-2012, 07:53 PM   #13
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 656Reputation: 656Reputation: 656Reputation: 656Reputation: 656Reputation: 656
Allowing root logins in ssh is a bad idea. It will be targeted by script kiddies. You can disable root logins in sshd_config. If you need root cron jobs with root access, there is an option that uses key pairs for root logins, even if regular users use password authentication.

Last edited by jschiwal; 04-25-2012 at 08:06 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ssh connection refused Verlager Linux - Networking 7 02-26-2008 05:54 PM
SSH connection Refused gatesr494 Linux - Networking 5 01-05-2008 05:43 AM
ssh connection refused - trying to set up ssh server at home openSauce Linux - Server 10 10-18-2007 04:38 PM
ssh - connection refused Murdock1979 Linux - Networking 1 11-22-2006 11:21 PM
SSH Connection Refused meping Linux - Networking 9 04-15-2006 01:04 AM


All times are GMT -5. The time now is 08:07 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration