ssh: Connection timed out

Hello,

I created a linode with the Ubuntu 20.10 image. Trying to ssh into it times out consistently after 2 minutes or so:

$ ssh -vvv [email protected]
OpenSSH_8.2p1 Ubuntu-4ubuntu0.1, OpenSSL 1.1.1f  31 Mar 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug2: resolve_canonicalize: hostname 172.105.179.155 is address
debug2: ssh_connect_direct
debug1: Connecting to 172.105.179.155 [172.105.179.155] port 22.
debug1: connect to address 172.105.179.155 port 22: Connection timed out
ssh: connect to host 172.105.179.155 port 22: Connection timed out

(I've changed the IP address slightly for privacy)

I can ping the machine okay, telnet is rejected:

[01:40 PM] ~ $ ping 172.105.179.155
PING 172.105.179.155 (172.105.179.155) 56(84) bytes of data.
64 bytes from 172.105.179.155: icmp_seq=1 ttl=52 time=149 ms
64 bytes from 172.105.179.155: icmp_seq=2 ttl=52 time=82.0 ms
64 bytes from 172.105.179.155: icmp_seq=3 ttl=52 time=41.4 ms
^C
--- 172.105.179.155 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 41.372/90.940/149.495/44.595 ms
[01:47 PM] ~ $ telnet 172.105.179.155
Trying 172.105.179.155...
telnet: Unable to connect to remote host: Connection refused

I used LISH to login and went through the troubleshooting steps, nothing seems out of order:

[email protected]:~# systemctl status sshd -l
● ssh.service - OpenBSD Secure Shell server
     Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: e>
     Active: active (running) since Sat 2021-01-02 00:20:21 UTC; 23min ago
       Docs: man:sshd(8)
             man:sshd_config(5)
    Process: 12523 ExecStartPre=/usr/sbin/sshd -t (code=exited, status=0/SUCCES>
   Main PID: 12525 (sshd)
      Tasks: 1 (limit: 1065)
     Memory: 1.1M
     CGroup: /system.slice/ssh.service
             └─12525 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups

Jan 02 00:20:21 localhost systemd[1]: Starting OpenBSD Secure Shell server...
Jan 02 00:20:21 localhost sshd[12525]: Server listening on 0.0.0.0 port 22.
Jan 02 00:20:21 localhost sshd[12525]: Server listening on :: port 22.
Jan 02 00:20:21 localhost systemd[1]: Started OpenBSD Secure Shell server.
[email protected]:~# iptables-save && echo $?
0
[email protected]:~# ufw status
Status: inactive
[email protected]:~# firewall-cmd --status
Command 'firewall-cmd' not found, but can be installed with:
apt install firewalld
[email protected]:~# egrep -i '(password|permit|port|rsa)' /etc/ssh/sshd_config
#Port 22
#HostKey /etc/ssh/ssh_host_rsa_key
PermitRootLogin yes
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# PasswordAuthentication.  Depending on your PAM configuration,
# the setting of "PermitRootLogin without-password".
# PAM authentication, then enable this but set PasswordAuthentication
#GatewayPorts no
#PermitTTY yes
#PermitUserEnvironment no
#PermitTunnel no
#       PermitTTY no
PasswordAuthentication yes

I also tried rebooting the Linode, and a more targeted restarting of the sshd service with:

systemctl restart sshd

Any ideas?

5 Replies

@xaio --

telnet(1) doesn't work because there is no server. telnet(1) is insecure because the telnet protocol is a cleartext protocol. It's almost never installed by default anymore (it's still available but it's use is highly discouraged). Ditto for ftp(1)

Can you show the output of:

iptables -vL

You'll have to do this at the lish console.

-- sw

Thank you for the help @stevewi, somehow it is all now working. No idea why, haven't touched the node or my network since I posted this.

Edit:

Looks like the problem's back after doing an apt update && apt upgrade -y && reboot.

@stevewi here's the output from that iptables command, run through lish:

[email protected]:~# iptables -vL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 

Another symptom found: I can't connect to the outside world from the node:

[email protected]:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
45 packets transmitted, 0 received, 100% packet loss, time 45041ms
[email protected]:~# curl google.com
curl: (6) Could not resolve host: google.com

Now I can reach the outside internet from a console via LISH, so I exited out of that, and ssh is working again. No idea what has changed in the last 45 minutes.

The command output is a dump of your firewall. If misconfigured, the symptoms you're seeing could result. I don't have a clue why everything would right itself after awhile.

-- sw

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct