ssh connection refuse

ssh connection refuse
1030071002Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

omarfaridCommented:
check for firewall or ssh daemon / server not running
0
omarfaridCommented:
check for firewall or ssh daemon / server not running
0
Kerem ERSOYPresidentCommented:
Hi,

Are you sure that your SSH server is up and ruunning?? Will you psot your:

netstat -anpt |grep ": 22"

output here ?

Also post  

iptables -L -n | grep dpt:22

output.

cheers,
K.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Redefine Your Security with AI & Machine Learning

The implications of AI and machine learning in cyber security are massive and constantly growing, creating both efficiencies and new challenges across the board. Check out our on-demand webinar to learn more about how AI can help your organization!

1030071002Author Commented:
asterisk-star@Asterisk:~$ netstat -anpt |grep ":22"
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -              
tcp6       0      0 :::22                   :::*                    LISTEN      -              
tcp6       0      0 ::1:22                  ::1:48172               ESTABLISHED -              
tcp6       0      0 ::1:48172               ::1:22                  ESTABLISHED 5511/ssh  

0
1030071002Author Commented:
asterisk-star@Asterisk:~$ iptables -L-n | dpt:22
iptables v1.4.1.1: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
-bash: dpt:22: command not found
asterisk-star@Asterisk:~$


0
TintinCommented:
Where are you trying to ssh from?
What client/OS are you using?
0
omarfaridCommented:
if you do

ssh 0

on the server what do you get?

do you have firewall in the path / network which could be resetting the session
0
1030071002Author Commented:
asterisk-star@Asterisk:~$ ssh 0
The authenticity of host '0 (0.0.0.0)' can't be established.
RSA key fingerprint is 00:e7:75:c7:13:f2:c2:69:7e:8c:a7:77:d4:5e:65:8f.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '0,0.0.0.0' (RSA) to the list of known hosts.
asterisk-star@0's password:

  System information as of Fri Jul 10 19:00:03 EDT 2009

  System load: 1.49              Memory usage: 41%   Processes:       141
  Usage of /:  63.1% of 7.23GB   Swap usage:   3%    Users logged in: 1

  Graph this data and manage this system at https://landscape.canonical.com/

Last login: Fri Jul 10 16:57:39 2009 from localhost


0
Kerem ERSOYPresidentCommented:
Hi,

please use sudo for iptables and netstat..
0
1030071002Author Commented:
using putty from windows 7
0
Kerem ERSOYPresidentCommented:
Can you do putty to your ubuntu ??
0
1030071002Author Commented:
asterisk-star@Asterisk:~$ sudo ssh 0
The authenticity of host '0 (0.0.0.0)' can't be established.
RSA key fingerprint is 00:e7:75:c7:13:f2:c2:69:7e:8c:a7:77:d4:5e:65:8f.
Are you sure you want to continue connecting (yes/no)? y
Please type 'yes' or 'no': yes
Warning: Permanently added '0,0.0.0.0' (RSA) to the list of known hosts.
root@0's password:
Permission denied, please try again.
root@0's password:
Permission denied, please try again.
root@0's password:
Permission denied (publickey,password).
asterisk-star@Asterisk:~$ sudo ssh 0
root@0's password:
Permission denied, please try again.
root@0's password:


0
1030071002Author Commented:
no
0
1030071002Author Commented:
no puttyto ubuntu
0
Kerem ERSOYPresidentCommented:
Will you try this ??

$ ssh localhost

(without sudo. I've meant sudo for netstat and iptables commmands only)
0
1030071002Author Commented:
asterisk-star@Asterisk:~$ sudo ssh localhost
[sudo] password for asterisk-star:
The authenticity of host 'localhost (::1)' can't be established.
RSA key fingerprint is 00:e7:75:c7:13:f2:c2:69:7e:8c:a7:77:d4:5e:65:8f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
root@localhost's password:
Permission denied, please try again.
root@localhost's password:

Permission denied, please try again.
root@localhost's password:
Permission denied (publickey,password).
asterisk-star@Asterisk:~$


0
Kerem ERSOYPresidentCommented:
The problem here is:

when you call ssh with sudo the default user for ssh will be root user. The root user is not ssh enabled by default. So please try ssh without sudo!!!

Will you please post the outputs I've requested ?
0
Kerem ERSOYPresidentCommented:
If you want to enable root user to do ssh then edit your /etc/ssh/sshd_config. Locate the linr:

# PermitRootLogin yes

remove the leading #. restart yourssh server.

/etc/init.d/ssh restart

0
1030071002Author Commented:
already uncommented # PermitRootLogin yes
0
1030071002Author Commented:
connection still say refuse
0
TintinCommented:
On the Linux server run sshd in debug mode, eg:

/usr/sbin/sshd -d

then try connecting and post the output from the debug messages here.
0
1030071002Author Commented:
asterisk-star@Asterisk:~$ sudo /usr/sbin/sshd -d
debug1: sshd version OpenSSH_5.1p1 Debian-5ubuntu1
debug1: read PEM private key done: type RSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: private host key: #0 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: private host key: #1 type 2 DSA
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on 0.0.0.0.
Bind to port 22 on 0.0.0.0 failed: Address already in use.
debug1: Bind to port 22 on ::.
Bind to port 22 on :: failed: Address already in use.
Cannot bind any address.


0
TintinCommented:
Sorry, I forgot you need to shutdown ssh first before running in debug mode.

/etc/init.d/sshd stop
/usr/sbin/sshd -d


Ctrl-C to stop and then do

/etc/init.d/sshd start
0
pramodmraoCommented:
The default SSH port will be 22. In your case port 22 is already used some other service.

Check the service running in 22. Either change the port in that service or change in SSH configuration.
0
Andrew DoadesIT TechnicianCommented:
it'll most likely be your hosts file...

/etc/hosts.allow
/etc/hosts.deny

in hosts.allow just add:

sshd: ALL

this will allow ssh access from everywhere.

Andrew
0
Andrew DoadesIT TechnicianCommented:
You can also look here for more help with your hosts.allow and hosts.deny files...

http://ubuntuforums.org/showthread.php?t=248342

Andrew
0
darrickhartmanCommented:
If the connection is refused, I still say it's the firewall.

What does :
              sudo iptables -L |grep dpt:22
show on the server?
0
Andrew DoadesIT TechnicianCommented:
Its more likely to be the hosts file though.. I will admit I'm wrong if I am wrong, but I wouldn't rule this option out.. I've setup many different Linux and Unix servers and home PCs if my years and this has been a problem from time to time.

Andrew
0
darrickhartmanCommented:
Andrew

I agree that it's a possibility, but unless he's changed something, the default on most linux distros is to allow ssh from anywhere.  The fact that the person asking the question can't copy and paste simple commands as requested above (by the KeremE) doesn't give me much hope that he'll ever solve the problem.
0
Kerem ERSOYPresidentCommented:
Hi,

I understand that your problem with SSH logon is not "connection refused" but it is "root login denied". So it has nothing to do with SSH not working since we already know that SSH is running. But the user called root can not login.

Did you restart your SSH server after allowing root login? If not you can use this command:

sudo /etc/init.d/ssh restart

and retry.

Cheers,
K.

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.