SSH Connection Refused

sirius12 · 04-24-2012, 02:09 PM

Dear All,

I installed the RHEL 5.6 on VM.

I used ssh from another host to this new machine. Encountered the following:
ssh: connect to host 172.20.2.2 port 22: Connection refused

I check the new machine information as the follows:
========================
iptables:
Fire wall is stopped
ps outputs:
root 4002 1 0 09:23 00:00:00 /usr/sbin/sshd
port 22 status:
sshd 4002 root 3u IPv4 12673 TCP *:ssh(LISTEN)
=========================

I also can use ssh to itself.

I can not use scp to copy files from other hosts to the new machine and can not use PUTTY to log on it.

From the strace outputs i only found the following, but i can not find the root cause from it.
=========================
socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
fcntl(3, F_SETFD, FD_CLOEXEC) = 0
connect(3, {sa_family=AF_INET, sin_port=htons(22), sin_addr=inet_addr("172.20.2.2")}, 16) = -1 ECONNREFUSED (Connection refused)
close(3) = 0
write(2, "ssh: connect to host 172.20.2."..., 64ssh: connect to host 172.20.2.2 port 22: Connection refused
) = 64
exit_group(255) = ?
==========================

Please give me some suggestions.

Best Regards.

lithos · 04-24-2012, 03:41 PM

Hi,

I can only give you some points to check, like:

1. try to connect to your server with:

Code:

# ssh -v username@server_ip

or even add some more "v"
ssh -vv ...

to see what is happening when ssh protocol is connecting to your server.

2. check this post here at LQ

and important, if you make any changes FIRST backup your "sshd_config" file and then restart sshd to apply changes!

Since you're running RHEL, why don't you follow some SSH setup example?
SSH install and config

sirius12 · 04-24-2012, 05:41 PM

Hi Thanks for your information.

The issue persists.

ssh -vv outputs as follows:
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 172.20.2.2 [172.20.2.2] port 22.
debug1: connect to address 172.20.2.2 port 22: Connection refused
ssh: connect to host 172.20.2.2 port 22: Connection refused

berkguy · 04-24-2012, 05:53 PM

Is that a public ip? because I couldn't connect to it either.

jschiwal · 04-24-2012, 06:36 PM

Could you check the logs on the server. Sometimes they will say why the connection was refused.

Some things that could cause problems:

Permissions of $HOME/.ssh are too lax
Permissions of $HOME are too lax
UseDNS yes in /etc/ssh/sshd_config, and you don't have a dns entry or entry in /etc/hosts
Entry in /etc/hosts has hostname.domain or hostname listed first, when other is expected. Check for username@hostname in known_hosts entry or authorized_keys entry. It's at the end.
AllowUsers is used in /etc/sshd/sshd_config and you are not listed

sirius12 · 04-24-2012, 07:35 PM

Quote:

Originally Posted by berkguy

Is that a public ip? because I couldn't connect to it either.

Sorry the ip address is just an example. Not a really IP address

Reuti · 04-25-2012, 05:53 AM

/etc/hosts.allow and /etc/hosts.deny could also be in the game. Do they block access to the sshd?

sirius12 · 04-25-2012, 10:14 AM

Hi All,

Firstly, thanks for all your suggestions.

>>/etc/hosts.allow and /etc/hosts.deny
I just installed the OS. I didn't enter any information into these files. Thanks

>>i am root authentication

>>/etc/hosts file
Thanks for the information. I already added the hosts information into this file. I can ping outside hosts before, i suspected the hosts file wasn't the root cause, right?

I can ssh to itself, so i suspect my ssh should be installed, does it make sense?

I am a noob, thanks for all your suggestions!

Best Regards.

sirius12 · 04-25-2012, 10:39 AM

I tried to use ssh form the new host to the outside host. From the strace information, i found it displayed "read from socket failed:Connect"

If the issue can not be resolved, i will reinstall the OS. It doesn't matter. I only concern with the strange behavior.

Regards

Reuti · 04-25-2012, 10:43 AM

What do you mean by

Quote:

I also can use ssh to itself.

in detail? ssh localhost or ssh 172.20.2.2? Maybe the firewall treats it different.

sirius12 · 04-25-2012, 11:23 AM

Quote:

Originally Posted by Reuti

What do you mean by in detail? ssh localhost or ssh 172.20.2.2? Maybe the firewall treats it different.

On the new host, it can use ssh to itself.
$ssh 172.20.2.2

Iptables status is stopped and i also disable SELINUX. Outside hosts' iptables status is also stopped.

Regards.

sirius12 · 04-25-2012, 02:51 PM

Thanks for all your help. I have resolved the problem.
I found the ip address has a conflict with another host. I change the ip address but the issue persists.
Then i compared with the other hosts which can ssh on, i found i used a wrong gw. After i add the default gw, i can use ssh.

Thanks for all your help.

cheers.

jschiwal · 04-25-2012, 08:53 PM

Allowing root logins in ssh is a bad idea. It will be targeted by script kiddies. You can disable root logins in sshd_config. If you need root cron jobs with root access, there is an option that uses key pairs for root logins, even if regular users use password authentication.