Fix: Linux SSH error "connection refused"

Are you encountering an "SSH Connection refused" error while connecting to your website using SSH?

When utilizing the SSH (Secure Shell) protocol for remote server access, you might encounter an SSH "Connection refused" error message. This common error signifies that your SSH server is not accepting connections.

This tutorial will explore the SSH "Connection refused" error, exploring its underlying causes. We will also provide a comprehensive walkthrough of highly effective techniques to rectify this SSH connection error.

Understanding the SSH "Connection Refused" Error:
The SSH "Connection refused" error is a failure in the network communication protocol when attempting to connect to an SSH server. This error hinders your ability to establish secure encryption for your site and perform more advanced tasks, like executing remote commands. Typically, this issue is triggered by incorrect SSH port settings, invalid credentials, or a disabled SSH service.

The SSH "Connection Refused" Error - Its Root Causes
Frequent scenarios leading to the "Connection Refused" error in SSH, including the absence of an SSH client, the unavailability of an SSH daemon on the remote server, firewall restrictions on the SSH port, inaccurate SSH credentials or port settings, and the SSH service being inactive.

Incorrect SSH Port
The SSH port is your gateway to a remote server, emphasizing the significance of correctly specifying the port when establishing an SSH connection. Failure to do so can lead to the "Connection refused" error message during remote connection attempts.

Resolution
When you try to connect to a remote server, SSH sends a request to a particular port. For the connection to be accepted, the server must have the SSH port accessible. If the port is not open, the server will decline the connection.

By default, SSH uses port 22. If you haven't modified the port configuration, you can confirm whether the server actively listens for incoming connection requests.

For a comprehensive list of all listening ports, execute:

sudo lsof -i -n -P | grep LISTEN

Locate port 22 in the output and verify that its STATE is designated as LISTEN.
As an alternative, you can verify the status of a particular port, such as port 22:
sudo lsof -i:22

The SSH client is not installed.
Another prevalent factor leading to the SSH 'Connection refused' error is the absence of SSH client software on your local system. An SSH client is essential for establishing secure connections with SSH servers. Without the SSH client, you cannot initiate a connection request to an SSH server.

Resolution

Configuring an SSH Client on your device enables you to execute remote commands on your server. To start, verify its presence on your device by entering the following command in your terminal:

ssh

If the terminal displays a list of SSH command options, it indicates that the SSH client is already installed on your system. However, if it responds with "command not found," you must install the OpenSSH Client.

To install the SSH Client on your system, proceed with these instructions:

Launch the terminal on your machine.

Depending on your operating system, run one of the following commands:

For Ubuntu/Debian systems:

sudo apt install openssh-client

For CentOS/RHEL systems:

sudo yum install openssh-client

SSH Daemon Not Installed on the Server
In addition to the SSH client, it is essential to have an SSH Daemon installed on the server to establish a connection from your local device. The SSH Daemon accepts authenticated requests sent by an SSH client. An "SSH Connection refused" problem can arise when the SSH Daemon is not configured correctly.

Resolution
The absence of a Daemon can result in the SSH local host blocking incoming connections.
To verify SSH's availability on the remote server, execute the command:
ssh localhost

If the response from the output is "Connection refused," proceed to the installation of SSH on the server.

For the installation of SSH tools like OpenSSH on the server, you can execute the following command with sudo privileges:
sudo apt install openssh-server

Note: Thankfully, most server providers now include the SSH daemon as a default component in VPS setups. If you are utilizing a VPS, you need not be concerned about this. Typically, this issue arises in dedicated and local host servers.

Reboot or ensble SSH.
An alternative solution to resolve the SSH "Connection Refused" error is to restart the SSH service.

Resolution

The SSH service must be both enabled and operational in the background. The SSH daemon cannot accept connections if the service is not running.

To verify the service's status, input this command:

For Debian 7 and Ubuntu 14.04: sudo service ssh status

For CentOS: sudo service sshd status

For systemd: sudo systemctl status sshd -l

The expected response should indicate that the service is active. If the terminal reports that the service is inactive, you should enable it to resolve the problem.

If the system indicates that the SSH daemon is not active, you can initiate the service by executing:

systemctl start sshd
To ensure the service starts automatically upon boot, run the following command:
sudo systemctl enable sshd

Most web hosting providers typically include a pre-installed SSH Daemon on their servers. If your SSH Daemon's status is "Down, " you should get in touch with your hosting provider to resolve this matter.

Alternatively, you have the option to reboot your SSH service by utilizing the following command:

sudo service ssh restart

Incorrect Credentials
Entering incorrect credentials multiple times can lead to failed login attempts, triggering the SSH 'Connection refused' error. To prevent an SSH connection failure, ensure you input the accurate username, password, hostname, and port.

Next, confirm that you are using the accurate IP address of the server.

Lastly, ensure that the correct SSH port is open. You can validate this by executing:

grep Port /etc/ssh/sshd_config

The output presents the port number, as depicted in the image below.

Verify Your Firewall Configuration

SSH can decline connections because of firewall limitations. Firewalls shield the server from potentially harmful access attempts. Nevertheless, adjusting the firewall settings to permit SSH connections is crucial when SSH is active on your system.

It's essential to confirm that the firewall isn't obstructing SSH connections, as such a hindrance could result in the "connection refused" error.

Resolution

Enabling SSH Connections Through the Firewall

To resolve the abovementioned issue, you can employ ufw (Uncomplicated Firewall), a command-line interface tool for controlling firewall settings.

Enter the below command in your terminal to enable SSH connections:

sudo ufw allow ssh

Enabling SSH connections through the firewall should help resolve the "SSH Connection refused" error and allow you to establish SSH connections to your server.

Debugging and Logging for SSH

You can employ verbose or debugging modes for analyzing SSH problems in Linux. Enabling these modes allows SSH to present comprehensive debugging messages, which prove helpful in troubleshooting issues related to connections, configuration, and authentication.

There are three levels of verbosity accessible:

Level 1 (-v): To enable this level, include the -v option when connecting to a remote server using the ssh command. For instance:

ssh -v [server_ip]

Level 2 (-vv): This level offers increased verbosity. You can activate it with the -vv option:

ssh -vv [server_ip]

Level 3 (-vvv): This level provides the most verbosity and detailed debugging information. You can engage it using the -vvv option:
ssh -vvv [server_ip]

By employing verbose mode and examining system logs, you can gain a deeper insight into SSH issues and troubleshoot them more effectively.

Conclusion

Resolving the "SSH Connection Refused" error is vital for secure remote access to your WordPress site. This guide addresses common causes and offers practical solutions.
Understanding issues like missing SSH clients, firewall blocks, wrong credentials/port settings, and SSH service problems helps troubleshoot effectively.
Follow the outlined steps for installing/configuring SSH clients, ensuring SSH daemons, resolving firewall issues, verifying credentials/port config, and restarting/enabling SSH service to establish a successful connection.


Was this answer helpful?

« Back

chat