News & Updates

Fix SSH "Connection Refused on Port 22" - Quick Solutions

By Ava Sinclair 87 Views
ssh: connect to host port 22:connection refused
Fix SSH "Connection Refused on Port 22" - Quick Solutions

Encountering the error message "ssh: connect to host port 22: connection refused" is a common yet frustrating event for system administrators and developers. This specific output indicates that your client successfully initiated a network connection to the target server but received a reset packet (RST) instead of the expected SSH banner. Essentially, the target machine is actively refusing the connection on the standard Secure Shell port, signaling that no service is listening or that a firewall is blocking the entry point.

Diagnosing the Underlying Causes

The root cause of this error typically falls into one of several categories, ranging from simple service misconfiguration to strict network security policies. Unlike a timeout, which suggests the host is unreachable, a "connection refused" message implies the network path is clear, but the specific port is closed or filtered. This distinction is crucial for troubleshooting, as it directs your attention to the server's configuration rather than network routing issues.

Service Daemon Not Running

The most straightforward explanation is that the SSH daemon (sshd) is not active on the remote host. This can occur after a system reboot where the service failed to start automatically, or it was manually stopped. If the daemon is not running, there is no process bound to port 22 to accept incoming connections, resulting in the immediate refusal message from the operating system.

Firewall or Security Group Restrictions

Modern security configurations often block inbound traffic by default. A host-based firewall like `iptables` or `ufw` on Linux, or the built-in firewall on Windows, might be configured to drop SSH traffic. Similarly, cloud environments rely on Security Groups or Network Access Control Lists (NACLs); if the rules do not explicitly allow inbound traffic on port 22 from your IP address, the connection will be refused regardless of the SSH service status.

Verification and Troubleshooting Steps

Resolving this issue requires a systematic approach to verify each layer of the connection. You should begin by confirming the status of the remote service and then move to network-level verification. Skipping these steps can lead to unnecessary changes on your local machine when the issue resides entirely on the remote end.

Command
Purpose
ping [hostname]
Confirms basic network reachability and that the host is up.
telnet [hostname] 22
Tests if the TCP port is open and accepting connections.
nmap -p 22 [hostname]
Scans the port to determine if it is open, closed, or filtered.

Common Solutions and Fixes

Once the diagnosis is clear, applying the correct fix is usually straightforward. If the SSH daemon is down, you will need console access or a different method (like a web-based cloud console) to restart the service using `sudo systemctl start sshd` or `sudo service ssh start`. For firewall issues, you must log into the server and adjust the rules to allow traffic on port 22 from your specific IP range.

Checking Alternative Ports

Preventing Future Occurrences

A

Written by Ava Sinclair

Ava Sinclair is a Senior Editor covering culture, travel, and premium experiences. She focuses on clear reporting and practical takeaways.