How to Fix the SSH ‘Connection Refused’ Error on Linux
Reading Time: 4 minutesThe SSH ‘connection refused’ error can prevent you from accessing remote machines on a network. Here’s how you can troubleshoot it.
SSH is a network protocol that allows you to securely access and manage a remote system over a network. While connecting to a remote machine via SSH, you might have encountered the ‘connection refused’ error. Experiencing this issue can be frustrating especially if you are a system admin and have to perform some tasks on the remote system on an urgent basis.
Let’s look at some of the possible causes of getting the SSH ‘connection refused’ error and methods to resolve it.
1. Check if an SSH Server Is Installed
One possible cause of the ‘connection refused’ error is that the remote machine is not running an SSH server. Without the SSH server, the machine will not accept incoming SSH connections, and you will not be able to access it remotely.
So the very first step in troubleshooting the error is to check whether an SSH server is installed on the remote machine. Use the following command to verify the SSH server installation:
On Debian-based distributions:
dpkg --list | grep ssh
On RHEL-based distributions:
yum list installed | grep ssh
On openSUSE:
zypper search -i | grep ssh
On Arch-based distributions:
pacman -Q | grep ssh
If the SSH server is installed on the remote machine, you will see it listed in the output. Otherwise, you must install the OpenSSH server on the remote machine you want to access via SSH. OpenSSH is an open-source version of the SSH tools for remotely accessing and controlling systems.
To install the OpenSSH server, use the following commands:
On Debian-based distributions:
sudo apt install openssh-server
On RHEL-based distributions:
sudo yum install openssh-server
On openSUSE:
sudo zypper install openssh
On Arch-based distributions:
pacman -S openssh
2. Check the SSH Service Status
Another reason for getting the ‘connection refused’ error can be that the SSH service is disabled or not running on the remote machine. Once you are sure that the SSH server is installed, the second thing you need to check is the status of the server.
sudo systemctl status sshd
If the service is up and running, the output will indicate it as active (running). Otherwise, you will see something like inactive (dead).
If the SSH server is not running, you can start it manually using the following command:
sudo systemctl start sshd
You can also enable the service to automatically start at boot with:
sudo systemctl enable sshd
3. Check the SSH Port
By default, the SSH server runs on port 22. However, one can change the default port. Therefore, if you receive the SSH ‘connection refused’ error, it may be because you are attempting to connect to the SSH server on the default port 22 while it is running on some different port.
You can use the netstat command with grep to find the port the SSH server is listening on:
sudo netstat -plntu | grep ssh
You can also find the SSH port from the sshd_config file using the following command:
grep port /etc/ssh/sshd_config
After identifying the correct SSH port, try connecting to your remote system using that specific port.
4. Check Your System Firewall
Most of the connectivity problems occur due to your machine’s firewall blocking some ports or services. If the remote machine has the SSH server installed and running, the next step is to check your firewall.
To figure out whether the firewall is blocking the connection, temporarily disable the firewall using the following commands:
On Debian and Arch-based Linux distributions:
sudo ufw disable
On RHEL-based distributions and openSUSE:
sudo systemctl disable firewalld
If the error does not appear after disabling the firewall, it means that the firewall was blocking the connection. In this case, re-enable the firewall and add a rule that allows SSH.
On Debian and Arch-based Linux distributions, use the following command to allow SSH in the UFW firewall:
sudo ufw allow ssh
Alternatively, you can also allow SSH by the port number in the firewall. Let’s say the SSH server is using port 5555, then you would use the following command to allow it in the firewall:
sudo ufw allow 5555
To verify if the rule has been added successfully, check the UFW status:
sudo ufw status
On RHEL-based distributions and openSUSE, use the following command to allow SSH in the firewall:
sudo firewall-cmd --permanent --add-service=ssh
To allow SSH by port number, use the following command:
sudo firewall-cmd --permanent --add-port={port}/tcp
For an SSH server running on port 4444, the command would be:
sudo firewall-cmd --permanent --add-port=4444/tcp
To verify the successful addition of the rule in the firewall, run:
sudo firewall-cmd --list-all
5. Resolve IP Address Conflicts
There is also a chance of the SSH ‘connection refused’ error occurring due to the SSH server IP conflicting with another system’s IP in the network. This happens when two systems on a network claim to have same the IP address, resulting in an IP conflict.
To confirm if there is an IP conflict in your network, use the arp-scan tool as follows:
arp-scan [network-id]
If there is an IP conflict, you will see the duplicate IP address in the output. The below screenshot is an example of an IP conflict in a network:
To avoid IP conflicts, make sure no devices have static IP addresses that overlap with the DHCP pool addresses.
Bonus Tip: Run SSH in Verbose Mode
Whenever you encounter an SSH error, try running the ssh command in verbose mode to track down the issue. To run SSH in verbose mode, use the ssh command with the -vvv option as follows:
ssh -vvv username@ip_address
In verbose mode, you will see debugging messages in each step of the connection that will help you understand where the problem lies.
Troubleshooting the SSH ‘Connection Refused’ Error on Linux
By identifying the potential causes of the SSH connectivity error and implementing the suggested solutions, you will be able to troubleshoot and resolve the SSH ‘connection refused’ error. In addition to these steps, make sure you are connecting to the correct IP address and using the right login credentials.
To make your remote connection more secure, you can set up two-factor authentication for SSH on Linux.
Reference: https://www.makeuseof.com/fix-ssh-connection-refused-error-linux/
Ref: makeuseof
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG