SSH Error logging in
Hi, I'm getting the following when trying to SSH into my Linode. "ssh: connect to host xx.xxx.xxx.xxx port 22: Connection refused".
I've seen this answered previously but the level of detail seemed to assume a level of knowledge I don't possess.
That message is a generic error message, meaning it doesn't help with troubleshooting assistance.
If you could run the following, it'll provide more information which would allow folks to help you:
ssh $user@$IPAddress -vvv
Be sure to change that to include the proper user & password. The
-vvv flag will print a verbose response to the screen, which in term will give a more specific reason why you're unable to access the server. If you have any questions or are confused by the output, feel free to copy/paste & update this post to allow other to assist you.
I was struggling super hard until I figured out that your username on the server is very likely root and not your linode account username.
after executing: "ssh $user@$xx.xxx.xxx.xxx -vvv"
One thing I found confusing is the IP address to be as expected but with one numeral missing from the first two?
I got the following:
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname x.xxx.xxx.xxx is address
debug1: Connecting to x.xxx.xxx.xxx [x.xxx.xxx.xxx] port 22.
debug1: connect to address x.xxx.xxx.xx port 22: Operation timed out
ssh: connect to host x.xxx.xxx.xxx port 22: Operation timed out
Before we dive into troubleshooting this issue let me first breakdown this error message.
The default port for SSH is 22. Your local machine is attempting to make a connection to your sever through that port and the Linode is refusing to let that connection through.
Troubleshooting this can be a bit tricky, as there is no one size fits all solution. However I got a few tricks and some juicy guides that should be able to get you back on track. Since SSH is not working, LISH will be your best friend for all troubleshooting steps.
Once you've signed in to LISH you'll want to verify the ssh service is running. This command will vary depending on your distribution. For this post I'm going to stick with Debian, but refer to the attached guides to find your specific commands.
Check SSH Status
sudo systemctl status sshd -l
If the service is running try initiating your ssh in verbose mode with the -vvv flag. This will display a detailed read-out for each step of the connection, which can help identify where the problem is occurring.
Finally, I would recommend checking your firewall rules (if you're running one).
sudo iptables-save # displays IPv4 rules
sudo ufw status
These a some good first steps. For further troubleshooting check out the guides linked below
@vic_fontaine Thanks for the help.
Starting to feel like this is beyond me.
Disappointed in Linode's help. Really feel like I'm on my own with a tough problem.
When I run:
Missing privilege separation directory: /var/run/sshd
So I created that directory.
Sounds like the sshd directory disappearing after a reboot is a common problem with Ubuntu
I ran: service ssh start
and the service is restarted. Now I get prompted on my Mac to enter the password when SSH'ing but when I enter it I get 'Permission Denied, please try again'
I'm in. I may have been entering the password wrong. So hard to tell in Terminal what you're typing.
Oddly, when Googling I came across this and it was a huge help.
Hope this helps someone else.
Keyyyyyyyristtttttt, it happened again after Linode started upgrading (mutating) my Linode.
This has become a problem for many, this is due to kept back packages which are out of date and not current with the author/vendor releases.
I am more than willing to take some time out of my day, and sitdown with you fellas to crack this nut. I thrive on problem solving.
Question, are you using IPTables or UFW?
When I switched to UFW, my machines started having all kinds of problems.
Solution to UFW dropping your services by accident…. Do not use UFW.
sudo apt install net-tools -y && sudo apt remove ufw -y && sudo apt autoremove -y && git clone https://github.com/diveyez/fw.sh && cd fw.sh && bash bl.sh && echo "We are now going to protect you from threats my linode has identified as malicious because I am a nice guy and why not? Right!"; echo "All your base are belong to YOU!";
Feel free to fork the firewall and modify it, I beg you to. There is geoblocking, as well as real time threat identity fetching, and plenty of modular capacity and room for growth as a firewall based on scripting.
I want to see lots of table top ninjas bypassing connectivity problems by using the oldest tricks in the books. IPTables FTW.
There is a possible problem with NTP, as well as central certificate authorities. Even Alpine is having a MAJOR issue with this as of late.
Do not beat yourself, or your fellow linode up, stay calm and seek the 5 points of fellowship. We are stronger together!
You can find my contact information very easily through the github, reach out and lets setup a day and time to work the problem.