What you should check when SSH connection is refused in Linux ?
In initial settings of Linux server like CentOS or Ubuntu, sometimes you fail SSH connection.
This article shows what you should check when SSH connection is refused in Linux.
SSH connection is refused
When you try to connect to Linux by SSH application like Tera Term, you would see "connection refused".
What you should check
- Server side
- SSH service software
- Service is working or not
- Server IP is known in the network or not
- Accsess from outside is allowed or not
- FW allows access or not
- Client side
- Network path from client to server
SSH service software
There is a software openssh-server , you can install it by apt-get install .
$ sudo apt-get install openssh-serverssh connection to ubuntu - Qiita
After installation, you can execute below.
$ ssh -V
Then you can see the result. So installation is done correctly.
OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6, OpenSSL 1.0.1f6 Jan 2014
Activate SSH on Ubuntu 14.04 - wide_snow’s blog
Service is working or not
In order to check openssh-server is working or not, You can try SSH connection from the server to the server itself.
If you could login, openssh-server is working.
$ ssh (IP address of server)Server IP is known in the network or not
You can check IP address of server by ifconfig command.
You can use ip a command too.
But ifconfig command can't prove that IP is known in the network or not.
If other machine uses same IP address, IP address conflict happens on network.
Then you can use nmap command and check MAC address of IP that network(LAN) knows.
First you can activate nmap by apt install .
$ sudo apt install nmapThen you check MAC address of IP on network.
In below case, network is 192.168.0.xxx.
$ sudo nmap 192.168.0.0/24 -sPIf MAC address that nmap shows is not same as the MAC address that you checked by ifconfig, it means that there is IP address conflict.
Port Connection refused in case of SSH connection | TOMMY NOTES
Install nmap
Accsess from outside is allowed or not
You can check access denied list in /etc/hosts.deny.
If client access is denied in the list, you can comment or delete it.
$ sudo nano /etc/hosts.deny
$ sudo rebootsettings (/etc/hosts.allow、/etc/hosts.deny)
How to apply hosts.allow hosts.deny | teratail
Access control by hosts file - renoji.com
FW allows access or not
You can check FW allows access or not by ufw status command.
$ sudo ufw statusIf port 22 is not allowed, you can allow it.
$ sudo ufw allow sshHow to open port in Ubuntu - Qiita
Network path from client to server
With using ping command, you can check that network path runs from client to server.
If response comes, network path is OK.
$ ping (IP address of server)Finally
- If SSH connection is refused, check SSH software, network path, IP address conflict.
