When managing your servers, you will often need to use the Secure Shell (SSH) protocol, but sometimes you might see a “Connection Refused” message.
If so, then don’t worry, because in this post we will explain five ways to fix the SSH connection refused error – as well as answering some of the frequently asked questions we receive from people with this issue.
Let’s get started!
What Causes the SSH Connection Refused Error?
SSH (Secure Shell) is a protocol used for secure remote logins and other secure network services over an insecure network.
There are several reasons why you might encounter a “Connection Refused” error when trying to connect via SSH:
1. Incorrect SSH Port
SSH uses port 22 by default, but many security professionals recommend changing it to something arbitrary to reduce brute force attacks. If you’re trying to connect to a different port that isn’t open or configured for SSH, you’ll get a connection refused error.
Suggested read: 3 Ways to Fix Too many Authentication Failures SSH Root? [SOLVED]
2. Incorrect SSH Login Credentials
There are two main ways to log in to a server via SSH – with either a password, or with SSH keys. If you enter the wrong username-password combination, or use the incorrect SSH key, then the SSH daemon on the server will refuse the connection.
If you’re using PuTTY to connect to your server, then you should read our guide on How To Use SSH Keys with PuTTY on RunCloud.
3. SSH Isn’t Installed on Server
If the SSH server software isn’t installed on the server, or if it’s not running, you won’t be able to connect. You can check if the SSH server is running using the following command:
systemctl status ssh
In the above example, we can see that the server displays Active (running) status which means it is ready to accept incoming SSH requests.
4. SSH Access Has Been Disabled
SSH provides complete access to your server, meaning you can remotely access any data and execute arbitrary commands from anywhere across the world. Due to this, it can be a problem if hackers are able to establish an SSH connection with your server. To avoid this, many server administrators disable SSH entirely on the server for security reasons. If this is the case, you’ll need to enable SSH access before you can connect to the server.
5. Server Firewall Conflicts with SSH
Quite often, servers are secured behind firewalls to withstand cyber attacks. If your firewall is blocking incoming traffic on the SSH port then you will get a connection refused error. You’ll need to adjust the firewall settings to allow SSH connections.
If you’re using RunCloud, then you can access these settings from the Security tab on your RunCloud dashboard:
How to Fix the SSH Connection Refused Error
Here are some steps you can take to troubleshoot and fix an SSH “Connection Refused” error:
1. Verify Your SSH Port
If you are using a cloud VPS, then you might be able to use a built-in SSH login functionality that allows you to access your machine remotely. If you are able to log in to your server with this method and not via the command line, then you might be connecting to the wrong port.
You can verify the SSH port by checking the SSH configuration file (/etc/ssh/sshd_config) on the server using the following command:
grep Port /etc/ssh/sshd_config
In the above example, we can see that the line starts with a # symbol, i.e., it is commented. If you want to change the default port number, then you can edit this configuration file using nano and uncomment it.
2. Check Your SSH Login Credentials
When logging in to the server, your username on the server will be different from your username on your laptop. Make sure you’re using the correct username and password. If you’re unsure, you can ask the administrator of the server to reset your password or create a new user with SSH access.
3. Ensure SSH Is Installed on the Server
You can check if SSH is installed by running the command which ssh on the server. If SSH is not installed, you can install it using the package manager for your operating system (for example, apt-get install openssh-server on Ubuntu).
Suggested read: How to Use SFTP with FileZilla to Securely Transfer Files on RunCloud
4. Enable SSH Access on your Server
It is possible that the SSH daemon is installed on your server, but is disabled for security reasons. If SSH access has been disabled, you’ll need to enable it using the following command:
sudo service ssh start
In the above example, we have used the service command to start the SSH daemon, which didn’t return any errors. This means that the service was started successfully.
Additionally, if the service is already running then it won’t make any changes, i.e. it will keep running.
5. Resolve Server Firewall Conflicts with SSH
If the server’s firewall is blocking SSH connections, you’ll need to adjust the firewall settings. This can usually be done by adding a rule to allow connections on the SSH port (usually port 22). The exact command will depend on your firewall software (for example, ufw allow 22 for UFW on Ubuntu).
If you’re using RunCloud, you can easily configure your firewall settings and set-up fail2ban to automatically block malicious robots that try to brute force into your server.
Final Thoughts
In this post, we’ve explored various reasons behind the SSH Connection Refused error, and provided solutions to address this issue and similar problems with SSH. As we’ve seen, the causes can range from server-side problems to client-side misconfigurations, and each issue requires a unique approach to resolve.
Managing SSH connections across multiple servers can be a daunting task, especially when dealing with complex web applications. This is where RunCloud comes into play.
RunCloud simplifies Linux server management and makes it easy to manage SSH connections across multiple servers. It provides straightforward solutions for deploying and managing your web applications, thereby reducing the complexity of server operations.
So why wait? Take the first step towards hassle-free server management.
Sign up for RunCloud today and experience the ease of managing SSH connections and web applications like never before.
FAQ on SSH Connections
How do I fix port 22 connection refused?
The error “port 22: Connection refused” typically indicates that your SSH client is unable to establish a connection with the SSH server. It can occur due to various reasons:
The SSH server may not be running on the remote host.
The host or IP address provided could be incorrect.
The SSH server may be using a different port than the default port 22.
A firewall might be blocking the SSH connection.
There could be network connectivity issues between the client and server.
What is the cause of the connection being refused?
The “Connection Refused” error occurs when a server refuses to establish a connection with a client. This can happen for a variety of reasons:
The server is not running.
The server is overloaded and cannot accept new connections.
The client is trying to connect to the wrong port.
The client’s IP address is blocked by the server.
How do I debug SSH connection issues?
To debug SSH connection issues, you can use the verbose mode in SSH. The -v flag in the SSH command provides debugging information about the SSH connection progress. There are different levels of verbosity; using multiple -v flags increases the verbosity (the maximum verbosity level is 3).
How do I SSH into an IP address?
To SSH into an IP address, use the SSH command followed by the username and the IP address of the server. For example, ssh username@ip_address.
How do I reset my SSH connection?
To reset your SSH connection, you can restart the SSH service using the following command: sudo systemctl restart ssh.service.
How do I know if my SSH is blocked?
If you are unable to establish an SSH connection, it could be because your firewall is blocking the SSH port. You can check your firewall settings to see if the SSH port (default is 22) is allowed.
What is the difference between SSL and SSH?
Both SSL and SSH are cryptographic protocols used for secure communication over a network, but they serve different purposes. SSL is primarily used for securing web-based communications, while SSH is used for secure remote access to servers and devices.
What is the difference between SSH and telnet?
SSH and Telnet are both protocols used for remote terminal service – the key difference is that SSH provides a secure, encrypted connection, while Telnet does not. This makes SSH more secure, and the preferred method for remote access.
On which port SSH is running?
By default, SSH runs on port 22.
Why Does PuTTY Say Connection Refused?
The “Connection Refused” error in PuTTY usually means that the network connection PuTTY tried to make to your server was rejected by the server. This can happen if the server does not provide the service which PuTTY is trying to access.