Below are some of the most common issues that might be causing problems for you.
- Your SSH Service Is Down
In order to connect to your server with SSH, it’s service must be running as an SSH daemon – a program that runs in the background to listen for and accept connections.
If this service is down, you will not be able to successfully connect to your server and may receive a Connection refused error
If you suspect that your SSH service might be down, you can run this command to find out. You will need to have physical access to run this command or you will need to connect KVM/Console to your server.
# systemctl status sshd
If the command line returns a status of down, then you’ve likely found the reason behind your connectivity error. Run below command to start the sshd service
# systemctl start sshd
2. You have the wrong credentials
It’s possible that you’re just entering the wrong credentials when trying to connect to your server. There are four below information needed to run SSH:
- Host name. The IP address of the server you’re trying to connect to or your domain name.
- Username. Your ssh username.
- Password. Your ssh password.
- Port. The default port is 22 or any other custom port like 10240.
You can also check to see which port is being used for SSH by running this command:
# grep Port /etc/ssh/sshd_config
3. The port you’re trying to use is closed
A “port” is simply the endpoint to which you’re directed when connecting to your server. When you will face the connection refused error then you can check the ssh port is listening by running below command.
# Netstat -antlp | grep :22
The command line should return a list of ports and their respective “states”. You want port 22’s state to be LISTEN. If it’s not, you’ll need to reopen the port in order to connect to your server.
4. SSH isn’t installed on your server
Servers use SSH daemons to listen for and accept connections. Therefore, if the server you’re trying to connect to doesn’t have one installed, you won’t be able to access it using SSH.
Generally , almost all hosting providers will have SSH daemons installed on their servers by default.
Use below command to install ssh daemons (Centos/Redhat)
# yum install openssh-server
5. Firewall settings are preventing an SSH connection
Since open ports present a security risk, firewalls installed to protect servers from hackers sometimes block connections to them. Unfortunately, this means that even harmless users who are trying to SSH into their servers may receive a Connection refused error as a result of firewall settings.
6. Other issues of unable to access the SSH connection
- Is root login permitted?
SSH can be configured to disable logins for the root user. To check your SSH configuration, run:
# grep PermitRootLogin /etc/ssh/sshd_config
If the value of the PermitRootLogin is no, then try logging in with another user. Or, set the value in /etc/ssh/sshd_config to yes, restart SSH, and try logging in as root again.
- Are password logins accepted?
SSH can be configured to not accept passwords and instead accept public key authentication. To check your SSH configuration, run:
# grep PasswordAuthentication /etc/ssh/sshd_config
If the value of the PasswordAuthentication is no, create a key-pair. Or, set the value in /etc/ssh/sshd_config to yes, restart SSH, and try logging in with your password again.
Where to check the Error logs for ssh logins
You can check the ssh login logs in below file
# less /var/log/secure