ssh: Connection timed out


I created a linode with the Ubuntu 20.10 image. Trying to ssh into it times out consistently after 2 minutes or so:

$ ssh -vvv root@
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname is address
debug2: ssh_connect_direct
debug1: Connecting to [] port 22.
debug1: connect to address port 22: Connection timed out
ssh: connect to host port 22: Connection timed out

(I've changed the IP address slightly for privacy)

I can ping the machine okay, telnet is rejected:

[01:40 PM] ~ $ ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=52 time=149 ms
64 bytes from icmp_seq=2 ttl=52 time=82.0 ms
64 bytes from icmp_seq=3 ttl=52 time=41.4 ms
--- ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 41.372/90.940/149.495/44.595 ms
[01:47 PM] ~ $ telnet
telnet: Unable to connect to remote host: Connection refused

I used LISH to login and went through the troubleshooting steps, nothing seems out of order:

root@localhost:~# systemctl status sshd -l
● ssh.service - OpenBSD Secure Shell server
     Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: e>
     Active: active (running) since Sat 2021-01-02 00:20:21 UTC; 23min ago
       Docs: man:sshd(8)
    Process: 12523 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCES>
   Main PID: 12525 (sshd)
      Tasks: 1 (limit: 1065)
     Memory: 1.1M
     CGroup: /system.slice/ssh.service
             └─12525 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups

Jan 02 00:20:21 localhost systemd[1]: Starting OpenBSD Secure Shell server...
Jan 02 00:20:21 localhost sshd[12525]: Server listening on port 22.
Jan 02 00:20:21 localhost sshd[12525]: Server listening on :: port 22.
Jan 02 00:20:21 localhost systemd[1]: Started OpenBSD Secure Shell server.
root@localhost:~# iptables-save && echo $?
root@localhost:~# ufw status
Status: inactive
root@localhost:~# firewall-cmd --status
Command 'firewall-cmd' not found, but can be installed with:
apt install firewalld
root@localhost:~# egrep -i '(password|permit|port|rsa)' /etc/ssh/sshd_config
#Port 22
#HostKey /etc/ssh/ssh_host_rsa_key
PermitRootLogin yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# PasswordAuthentication.  Depending on your PAM configuration,
# the setting of "PermitRootLogin without-password".
# PAM authentication, then enable this but set PasswordAuthentication
#GatewayPorts no
#PermitTTY yes
#PermitUserEnvironment no
#PermitTunnel no
#       PermitTTY no
PasswordAuthentication yes

I also tried rebooting the Linode, and a more targeted restarting of the sshd service with:

systemctl restart sshd

Any ideas?

5 Replies

@xaio --

telnet(1) doesn't work because there is no server. telnet(1) is insecure because the telnet protocol is a cleartext protocol. It's almost never installed by default anymore (it's still available but it's use is highly discouraged). Ditto for ftp(1)

Can you show the output of:

iptables -vL

You'll have to do this at the lish console.

-- sw

Thank you for the help @stevewi, somehow it is all now working. No idea why, haven't touched the node or my network since I posted this.


Looks like the problem's back after doing an apt update && apt upgrade -y && reboot.

@stevewi here's the output from that iptables command, run through lish:

root@localhost:~# iptables -vL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 

Another symptom found: I can't connect to the outside world from the node:

root@localhost:~# ping
PING ( 56(84) bytes of data.
--- ping statistics ---
45 packets transmitted, 0 received, 100% packet loss, time 45041ms
root@localhost:~# curl
curl: (6) Could not resolve host:

Now I can reach the outside internet from a console via LISH, so I exited out of that, and ssh is working again. No idea what has changed in the last 45 minutes.

The command output is a dump of your firewall. If misconfigured, the symptoms you're seeing could result. I don't have a clue why everything would right itself after awhile.

-- sw


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct