Fixing SSH Connection Refused On Port 22: A Step-by-Step Guide
Fixing SSH connection refused on port 22 issues can be frustrating, especially when you need to access your server for critical tasks. The issue is often caused by a misconfigured SSH server, firewalls, or network issues, but the good news is that they're relatively easy to resolve. In this article, we'll walk you through the steps to troubleshoot and fix SSH connection refused on port 22 errors.
When an SSH connection is refused on port 22, it typically means that the SSH server is not listening on that port or the connection is being blocked by a firewall or network issue. According to Cloudflare, "pointing to the right place in the system to look at can be difficult, especially with a complex setup." In this article, we'll focus on providing a clear and detailed guide to help you resolve this issue.
To get started, you'll need to troubleshoot the issue step by step. First, ensure that the SSH server is running and listening on port 22. You can do this by checking the SSH server configuration files and ensuring that the SSH port is set to 22.
Step 1: Check the SSH Server Configuration
The SSH server configuration file is usually located at /etc/ssh/sshd_config. Open this file and check if the Port parameter is set to 22. If it's not set to 22, adjust the value accordingly.
Example: Adjusting the SSH port in /etc/ssh/sshd_config
# nano /etc/ssh/sshd_config
...
Port 22
...
After adjusting the port value, save the file and restart the SSH service to apply the changes.
Step 2: Ensure Firewall Rules Are Correct
Firewall rules can block incoming SSH connections. Check your firewall configuration to ensure that it's allowing incoming SSH connections on port 22. In CentOS and RHEL systems, you can use the firewall-cmd command to check the current firewall rules.
firewall-cmd --list-all will show you the current firewall rules, including the ones related to SSH.
Example: Checking SSH firewall rules in CentOS/RHEL
$ sudo firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
titulo:
forward: no
masquerade: no
... (list of rules)
rule family=inet port port=22 protocol=tcp reject
As you can see in the example above, the rule family=inet port port=22 protocol=tcp reject line indicates that ICMP packets on port 22 are being rejected, effectively blocking incoming SSH connections.
Step 3: Restart the SSH Service
After making changes to the SSH server configuration or firewall rules, restart the SSH service to apply the changes. This can usually be done with the following commands:
sudo systemctl restart sshd (in CentOS, RHEL, and Ubuntu-based systems)
sudo service ssh restart (in older Debian-based systems)
Step 4: Test Your SSH Connection
Once you've made changes and restarted the SSH service, test your SSH connection to ensure that it's working correctly. You can do this by attempting to connect to your server using the SSH client.
ssh user@server_ip will connect to your server using the username 'user' and the server IP.
Example: Testing your SSH connection
$ ssh user@example.com
The authenticity of host 'example.com (192.0.2.1)' can't be established.
ECDSA key fingerprint is SHA256:abcd1234abcd1234abcd1234abcd1234abcd.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'example.com,192.0.2.1 ECDSA' (ECDSA) to the list of known hosts.
user@server_ip's password:
If you're able to connect to your server successfully, it means that the issue is resolved, and you're good to go.
Additional Tips and Tricks
Here are some additional tips and tricks to help you troubleshoot and fix SSH connection refused on port 22 errors:
- Use the
ssh -voption to enable verbose mode and provide additional debugging information. - Check the SSH logs on your server for any error messages that might indicate what's causing the issue.
- Try connecting to your server from a different location or using a different SSH client to rule out any network or client-side issues.
- Consider enabling the PermitRootLogin parameter in the SSH configuration file to allow root login, but be aware that this increases security risks.
Conclusion
Fixing SSH connection refused on port 22 issues requires patience, persistence, and a clear understanding of the troubleshooting steps outlined in this article. By following these steps and taking the necessary precautions, you'll be able to resolve the issue and get back to work on your server. Remember to always document your changes and consider maintaining a backup of your SSH configuration files in case you need to revert to a previous version.
