ssh: Connection timed out
I created a linode with the Ubuntu 20.10 image. Trying to ssh into it times out consistently after 2 minutes or so:
$ ssh -vvv [email protected] OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files debug1: /etc/ssh/ssh_config line 21: Applying options for * debug2: resolve_canonicalize: hostname 220.127.116.11 is address debug2: ssh_connect_direct debug1: Connecting to 18.104.22.168 [22.214.171.124] port 22. debug1: connect to address 126.96.36.199 port 22: Connection timed out ssh: connect to host 188.8.131.52 port 22: Connection timed out
(I've changed the IP address slightly for privacy)
I can ping the machine okay, telnet is rejected:
[01:40 PM] ~ $ ping 184.108.40.206 PING 220.127.116.11 (18.104.22.168) 56(84) bytes of data. 64 bytes from 22.214.171.124: icmp_seq=1 ttl=52 time=149 ms 64 bytes from 126.96.36.199: icmp_seq=2 ttl=52 time=82.0 ms 64 bytes from 188.8.131.52: icmp_seq=3 ttl=52 time=41.4 ms ^C --- 184.108.40.206 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2001ms rtt min/avg/max/mdev = 41.372/90.940/149.495/44.595 ms [01:47 PM] ~ $ telnet 220.127.116.11 Trying 18.104.22.168... telnet: Unable to connect to remote host: Connection refused
I used LISH to login and went through the troubleshooting steps, nothing seems out of order:
[email protected]:~# systemctl status sshd -l ● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: e> Active: active (running) since Sat 2021-01-02 00:20:21 UTC; 23min ago Docs: man:sshd(8) man:sshd_config(5) Process: 12523 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCES> Main PID: 12525 (sshd) Tasks: 1 (limit: 1065) Memory: 1.1M CGroup: /system.slice/ssh.service └─12525 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups Jan 02 00:20:21 localhost systemd: Starting OpenBSD Secure Shell server... Jan 02 00:20:21 localhost sshd: Server listening on 0.0.0.0 port 22. Jan 02 00:20:21 localhost sshd: Server listening on :: port 22. Jan 02 00:20:21 localhost systemd: Started OpenBSD Secure Shell server. [email protected]:~# iptables-save && echo $? 0 [email protected]:~# ufw status Status: inactive [email protected]:~# firewall-cmd --status Command 'firewall-cmd' not found, but can be installed with: apt install firewalld [email protected]:~# egrep -i '(password|permit|port|rsa)' /etc/ssh/sshd_config #Port 22 #HostKey /etc/ssh/ssh_host_rsa_key PermitRootLogin yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # PasswordAuthentication. Depending on your PAM configuration, # the setting of "PermitRootLogin without-password". # PAM authentication, then enable this but set PasswordAuthentication #GatewayPorts no #PermitTTY yes #PermitUserEnvironment no #PermitTunnel no # PermitTTY no PasswordAuthentication yes
I also tried rebooting the Linode, and a more targeted restarting of the sshd service with:
systemctl restart sshd
telnet(1) doesn't work because there is no server. telnet(1) is insecure because the telnet protocol is a cleartext protocol. It's almost never installed by default anymore (it's still available but it's use is highly discouraged). Ditto for ftp(1)…
Can you show the output of:
You'll have to do this at the lish console.
Thank you for the help @stevewi, somehow it is all now working. No idea why, haven't touched the node or my network since I posted this.
Looks like the problem's back after doing an
apt update && apt upgrade -y && reboot.
@stevewi here's the output from that iptables command, run through lish:
[email protected]:~# iptables -vL Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination
Another symptom found: I can't connect to the outside world from the node:
[email protected]:~# ping 22.214.171.124 PING 126.96.36.199 (188.8.131.52) 56(84) bytes of data. ^C --- 184.108.40.206 ping statistics --- 45 packets transmitted, 0 received, 100% packet loss, time 45041ms [email protected]:~# curl google.com curl: (6) Could not resolve host: google.com
Now I can reach the outside internet from a console via LISH, so I exited out of that, and ssh is working again. No idea what has changed in the last 45 minutes.