Dealing with SSH errors can be frustrating since they prevent you from accessing your servers. SSH (Secure Shell) is an essential tool made for administration tasks and maintenance of servers. Most pages in websites require the user to use SSH to access the server at some point.
If you run into SSH issues, this guide will help you troubleshoot these problems. In this case we’ll work with a virtual server.
Troubleshooting SSH Issues
To resolve SSH connection issues, you need to ensure your Virtual Private Server is working correctly through the web console. Also, check the cloud panel to determine if there are any issues in your area that may affect your VPS.
How to Detect SSH Issues
When you have issues with SSH, it becomes hard to access your server and you will see the following error messages:
Permission denied (publickey)
Or
ssh: connect to host [...] port 22: connection refused
Or
ssh: connect to host [...] port 22: operation timed out
Or
ssh_exchange_identification: read: Connection reset by peer
Or
REMOTE HOST IDENTIFICATION HAS CHANGED
Or
WARNING: UNPROTECTED PRIVATE KEY FILE!
You might also come across the following errors:
bind: Address already in use
Errors Checklist
The following checklist will cover the common SSH errors.
Remote Hostname Identification Error
You may get this error when trying to access through SSH:
REMOTE HOST IDENTIFICATION HAS CHANGED
A hostname error may occur when an SSH host fails to connect using a specific network address.
On the SSH, if you run a command like ssh user@example.com you might see the error below:
error output ssh: Could not resolve hostname example.co: Name or service not known
In PuTTY you may come across an error like this:
PuTTY error output
Unable to open connection to example.com Host does not exist
To resolve this error, follow the steps below;
- Confirm the hostname is spelled properly.
- Confirm that the hostname error can be resolved using the ping command on your system.
If you’re still having DNS issues, you can use the IP address on your virtual server as a reliable solution using ssh user@111.111.111.111 rather than the normal ssh user@example.com
Connection Timeout
This error shows that the user tried to find a connection to the server, but the server refused to load the results within the specified timeout period.
Running the following command ssh user@111.111.111.111 in an OpenSSH will result into the following error:
Error output ssh: connect to host 111.111.111.111 port 22: connection timed out
For PuTTY, you will see this error:
PuTTY error output Network error: Connection time out
To correct this error, use the following steps.
- Make sure that the IP address of the host is correctly written.
- Confirm that the network you’re using allows SSH port connectivity.
- Verify that the firewall rules on your VPS are not on default.
Connection failure
Connection failure is different from a timeout. It means that your request reaches the SSH port but the host refuses to take the request.
In this case, you may see the error below:
Error output ssh: connect to host 111.111.111.111 port 22: connection refused
In PuTTY, you may see something like this:
PuTTY error output Network error: Connection refused
At this point, you may experience similar errors as connection timeout. So you can resolve them using the same steps as described above:
To correct this error, use the following steps.
- Make sure that the IP address of the host is correctly written.
- Confirm that the network you’re using allows SSH port connectivity.
- Verify that the firewall rules on your Virtual server are not set to default.
Solutions to Common SSH Connectivity Issues
Here we discuss the most common troubleshooting techniques for SSH errors.
Firewall Configurations
Some SSH connectivity issues can occur when firewall configurations may be blocking certain ports and services.
To correct this, you will need to learn how to adjust the firewall rules. For instance, Ubuntu servers run on UFW while CentOS use FirewallD.
If you’re using FirewallD, use the command below:
# firewall-cmd --list -services
This should produce a list of all the services you need including SSH running on default port 22 to show that the firewall is working properly:
Output
dhcpv6-client http ssh
For those using UFW, use the ufw status to check the status of the firewall:
# ufw status
The output should look like this:
Status: active To Action From -- ------ ---- 22 LIMIT Anywhere 443 ALLOW Anywhere 80 ALLOW Anywhere Anywhere ALLOW 192.168.0.0 22 (v6) LIMIT Anywhere (v6) 443 (v6) ALLOW Anywhere (v6) 80 (v6) ALLOW Anywhere (v6)
Ensure the SSH port you’re using is listed.
Check the Status of your SSH
If you run into an error when using SSH on VPS, check to make sure the SSH is working properly. This depends on the operating system you are using. For older OS systems such as Ubuntu 14.04, Debian 8, or CentOS6, use the service command. For recent versions, run the systemct1 command.
For Ubuntu 14.04 run the service command, check the status of SSH with the following command:
# service ssh status
If the status is okay, you should see something like this:
output (running) ssh start/running, process 1262
If not, you will see the following message:
output (running) ssh start/waiting
On a system that uses the systemct1 command, check the status using the following command:
# systemct1 status sshd
You should have the following result. Take note of the Active line.
sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled)
Active: active (running) since Mon 2017-03-20 11:00:22 EDT; 1 months 1 days ago
Process: 899 ExecStartPre=/usr/sbin/sshd-keygen (code=exited, status=0/SUCCESS)
Main PID: 906 (sshd)
CGroup: /system.slice/sshd.service
├─ 906 /usr/sbin/sshd -D
├─26941 sshd: [accepted]
└─26942 sshd: [net]If the service isn’t running correctly, you will note the Inactive line showing the following output:
sshd.service - OpenSSH server daemon Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled) Active: inactive (dead) since Fri 2017-04-21 08:36:13 EDT; 2s ago Process: 906 ExecStart=/usr/sbin/sshd -D $OPTIONS (code=exited, status=0/SUCCESS) Process: 899 ExecStartPre=/usr/sbin/sshd-keygen (code=exited, status=0/SUCCESS) Main PID: 906 (code=exited, status=0/SUCCESS)
In case the service isn’t running, start again using systemct1 start sshd or service ssh start depending on the OS system.
Check the SSH Port
SSH service port can be checked using two methods. First is to check the SSH configuration folder, second is to examine how the system is running.
The SSH file in most systems is /etc/ssh/sshd_config. Use the default port 22, although you can use a different configuration line by including a port with a specific number.
Use the following command:
$ gre port /etc/ssh/sshd_config
You should see the following output to show the port number:
output port 22
Use ss to confirm your port is running properly. Use sudo to run ss or use the root user.
You should have something like this:
# ss -p1nt
The result should show the name of the program with a specific port configured. An example should look like this:
output state recv-Q send-Q LISTEN 0 128 LISTEN 0 128
By now you should be able to troubleshoot most SSH issues.
Conclusion
These simple steps should help get up to speed with the SSH issues that may be preventing your system from running properly. We hope this information will be helpful in dealing with SSH problems.
Check out the top 3 Best web hosting services
- To end your queries about Top web hosting, simply click on this link
