Are you encountering the frustrating “Connection refused” error when trying to connect via SSH? This comprehensive guide will help you identify and fix SSH connection issues step by step.
Understanding SSH Connection Refused
When you see the error message
, it typically means:
- SSH daemon (sshd) isn’t running
- Firewall is blocking the connection
- SSH is running on a different port
- Network connectivity issues
- Incorrect SSH configuration
Step-by-Step Troubleshooting
Here is how you can fix this error:
1. Check if SSH Service is Running
On Linux/Unix systems:
On macOS:
2. Verify SSH Port
3. Firewall Configuration
UFW (Ubuntu/Debian):
Firewalld (RHEL/CentOS):
4. Network Connectivity
5. Common SSH Configuration Fixes
Server-side (
):
ListenAddress 0.0.0.0
PermitRootLogin no
PasswordAuthentication yes
Client-side (
):
HostName example.com
Port <span class="token">22</span>
User username
IdentityFile ~/.ssh/id_rsa
Advanced Troubleshooting
1. Debug Mode Connection
2. SELinux Issues (RHEL/CentOS)
3. Log Analysis
Common Issues and Solutions
1. Changed SSH Port
2. IP Address Restrictions
sudo cat /etc/hosts.deny
3. Maximum Connection Attempts
# Modify MaxStartups in sshd_config
MaxStartups 10:30:100
Best Practices for SSH Security
1. Key-Based Authentication
# Copy key to server
ssh-copy-id username@hostname
2. SSH Hardening
PasswordAuthentication no
UsePAM yes
X11Forwarding no
3. Rate Limiting with Fail2Ban
[sshd]
enabled = true
bantime = 3600
findtime = 600
maxretry = 3
Preventing Future Issues
- Regular Maintenance:
- Keep system updated
- Monitor SSH logs
- Backup SSH configurations
- Test connections regularly
- Documentation:
- Document custom configurations
- Keep port numbers recorded
- Maintain IP allowlist
- Document troubleshooting steps
FAQs
Why does SSH connection work locally but not remotely? A: Usually due to firewall rules or SSH configured to listen only on localhost.
How can I verify if port 22 is actually open? A: Use
,
, or
to check port accessibility.
What if I’m locked out completely? A: Access the server directly through console access or contact your hosting provider.
More Articles from Unixmen
Enable SSH Ubuntu: How to Securely Access your Remote Server
[Solved] – How to Fix SSH Permission Denied (Publickey) Error Message