Backup ssh connection refused

#1 Sat, 10/06/2018 - 10:32
carbar


Hi,

I'm trying to configure a scheduled backup under Virtualmin running CentOS 7 and CSF. The other server is almost identical, running Virtualmin 6.3. Unfortunately, I get the error: Failed to connect to SSH server : ssh: connect to host xxxx port xxx: Connection refused lost connection.

How can I trace to the source of the problem? Thanks

Sat, 10/06/2018 - 15:06
jafinn

The first step I would take is to try to SSH in manually. You can add -v to increase verbosity (up to 3, -vvv).

Sun, 10/07/2018 - 11:37
carbar

Hi jafinn,

here's the command and following output:

[root@127 ~]# ssh xbk@xxx.xxx.xxx.xxx -p nnn -vvv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips  26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving "xxx.xxx.xxx.xxx" port nnn
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to xxx.xxx.xxx.xxx [xxx.xxx.xxx.xxx] port nnn.
debug1: connect to address xxx.xxx.xxx.xxx port nnn: Connection refused
ssh: connect to host xxx.xxx.xxx.xxx port nnn: Connection refused

Any suggestions?

Sun, 10/07/2018 - 16:50 (Reply to #3)
jafinn

To add on to andreychek's response, the port should also be listed and can be changed in /etc/ssh/sshd_config. Restart the SSH server afterwards if you change it. Or you could poke around in Webmin under Servers -> SSH Server and see if you spot anything obvious.

Sun, 10/07/2018 - 14:17
andreychek

Howdy,

Hmm, you may want to verify that the port being used above is where SSH is listening. One way to determine the port SSH is listening on is with this command:

netstat -anlp | grep sshd| grep LISTEN

Sun, 10/07/2018 - 17:00
noisemarine

Did you open the firewall port on the receiving server?

Mon, 10/08/2018 - 09:11
carbar

Hi again, Port 1395 is in /etc/ssh/sshd_config. Result of netstat -anlp | grep sshd| grep LISTEN:

tcp        0      0 0.0.0.0:1395            0.0.0.0:*               LISTEN                                                         905/sshd
tcp6       0      0 :::1395                 :::*                    LISTEN                                                         905/sshd

and the connecting server's IP address has been added to /etc/csf/csf.allow and /etc/csf/csf.ignore. I can normally log in using PuTTY! PS. SSH connection works after disabling CSF on the source VPS. It means the connecting machine is blocking the connection!!! Any suggestions please?

Mon, 10/08/2018 - 11:06
andreychek

Well, I'm unfortunately not too familiar with configuring CSF, but it sounds like the key is to either ensure that particular port is open in the firewall, or, that there's some sort of issue with the whitelisting of your server's IP.

The CSF logs on the remote server may have some additional details.

-Eric

Tue, 10/09/2018 - 00:27
carbar

Hi all,

Thanks for your useful feedback. This is obviously a firewall issue on the client server side. So, I'd better dig into the CSF forums for a solution.

Thanks again

Tue, 10/09/2018 - 08:04
scotwnw

Your non-standard SSH port will need to be added to the 'IPV4 out' on the connecting machine and added to the 'IPV4 in and out' on the receiving machine. Normally CSF detects the SSH port and does this upon install. You must have changed the SSH port after installing CSF?

CSF blocks all in and out traffic on the main and the remote. So not only do you have to open up the remote to allow connections from the main, but you have to open the main to connect out on whatever port you're using.

For example, if the main server is on SSH port 22 (probably open by default) but you're trying to connect to a remote server running on SSH port 1394, you have to open 1394 OUT on the main and 1394 in and out on the remote.
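
The check described in the post above, as an added example that is not part of the thread or of CSF itself: it reads the port lists from a csf.conf file and reports which ones lack a given port, including CSF's lo:hi range entries. It assumes the 'IPV4 in' and 'IPV4 out' lists correspond to the TCP_IN and TCP_OUT settings in /etc/csf/csf.conf; the function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: does a csf.conf port list cover a given SSH port?

# port_in_list PORT LIST: succeed if PORT equals an entry or falls in a lo:hi range.
port_in_list() {
    _port=$1
    _old_ifs=$IFS; IFS=','; set -f
    set -- $2                                   # split the list on commas
    set +f; IFS=$_old_ifs
    for _e in "$@"; do
        _e=$(printf '%s' "$_e" | tr -d '[:space:]')
        case $_e in
            ''|*[!0-9:]*) continue ;;           # skip empty or non-numeric entries
            *:*) [ "$_port" -ge "${_e%%:*}" ] && [ "$_port" -le "${_e##*:}" ] && return 0 ;;
            *)   [ "$_port" -eq "$_e" ] && return 0 ;;
        esac
    done
    return 1
}

# csf_value KEY FILE: print the quoted value of the last uncommented KEY = "..." line.
csf_value() {
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$2" | tail -n 1
}

# csf_missing PORT ROLE FILE: print the lists that lack PORT; fail if any do.
# ROLE connecting -> TCP_OUT; ROLE receiving -> TCP_IN and TCP_OUT (as in the post above).
csf_missing() {
    case $2 in
        connecting) _keys="TCP_OUT" ;;
        receiving)  _keys="TCP_IN TCP_OUT" ;;
        *) echo "unknown role: $2" >&2; return 2 ;;
    esac
    _missing=""
    for _k in $_keys; do
        port_in_list "$1" "$(csf_value "$_k" "$3")" || _missing="$_missing $_k"
    done
    echo "${_missing# }"
    [ -z "$_missing" ]
}

# Constructed sample of a connecting machine's csf.conf (not taken from the thread).
sample=$(mktemp); trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
TCP_IN = "22,80,443,10000,20000"
TCP_OUT = "20,21,22,25,53,80,443,30000:35000"
EOF
csf_missing 1395 connecting "$sample" || echo "port 1395 is not in the lists printed above"
```

On a real host, pass /etc/csf/csf.conf as the file argument and run it once per machine with the matching role.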

Wed, 10/10/2018 - 04:13
carbar

Thanks Scot.

That was exactly the case. Allowing the IP address only did not work.

CSF has a Temporarily Allow/Deny feature where you can specify the IP address plus the port for a specific period of time. I set this on the client side and now the backup is working fine.

The csf -g command helped me see the issue (for future reference).

Thanks again everyone for your help :)
