[SOLVED] SSH: Connection Refused

Abadon125 · 2012-02-02 18:17:47

Hello,
I hate to bring up what is most likely a very simple question but I have spent a couple hours on this now and figured it was time to ask for help. I am for some reason unable to ssh into my arch box. It is a brand new installation, the only thing I have done is install lxde and openssh.

I have changed the port to 25522 and at the bottom of /etc/ssh/sshd_config I added AllowUsers <username> (which is my username) and PermitRootLogin no

I have a ddwrt router and I forwarded the port to the ip my arch box is running on. According to http://www.canyouseeme.org/

Error: I could not see your service on <IP Address> on port (25522)
Reason: Connection refused

Any idea why this is happening, or any additional information I can provide? I do not think it is the routers fault though because I get the same connection denied when trying to connect from another computer on the lan.
Thanks

Last edited by Abadon125 (2012-02-02 19:48:53)

b4data · 2012-02-02 18:41:38

You might want to remove your ip address and username from your post

Have you made sure that sshd is running after installing it? What is the output of

ps aux | grep sshd

If it doesn't show up, try starting the ssh daemon:

/etc/rc.d/sshd start

If it is running, check to see that it's listening on the port you specified:

nmap -p <your_port_here> 127.0.0.1

Last edited by b4data (2012-02-02 18:52:25)

Abadon125 · 2012-02-02 18:49:33

b4data wrote:

You might want to remove your ip address and username from your post

Good point, thanks

SS4 · 2012-02-02 19:00:45

Is there a line in hosts allowing you access ssh?

sshd:192.1.1.1 # your remote box

Have you changed the line in ssh_config to use the port 25522 on (I think) the host [the new install].

What about if you try port 22 (the default)?

ssh -p 22 user@ip

Abadon125 · 2012-02-02 19:00:57

Thanks for the response. It is running already and I have sshd added to the daemons that autostart.
I installed an ran nmap which tells me that the port is closed and the service is unknown. Why would a port be closed? Does Arch come with a firewall installed?

SS4 · 2012-02-02 19:02:10

Abadon125 wrote:

Thanks for the response. It is running already and I have sshd added to the daemons that autostart.
I installed an ran nmap which tells me that the port is closed and the service is unknown. Why would a port be closed? Does Arch come with a firewall installed?

Arch closes all the ports by default. Can you post the output of cat /etc/hosts, cat /etc/ssh_config, cat /etc/sshd_config on the target box (and don't forget to omit sensitive data)

edit: It's good practice to restart the sshd daemon whenever you change a config file.

Last edited by SS4 (2012-02-02 19:03:00)

Abadon125 · 2012-02-02 19:27:03

Alright I think I got all the sensitive info out. This is going to be a bit long

#
# /etc/hosts: static lookup table for host names
#

#<ip-address>	<hostname.domain.org>	<hostname>
127.0.0.1	localhost.localdomain	localhost <My Host Name>
::1		localhost.localdomain	localhost
172.0.0.18	localhost.localdomain	localhost

# End of file



#	$OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 25522
#   Protocol 2
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com





#	$OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

#Port 25522
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
#Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
#PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile	.ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing, 
# and session processing. If this is enabled, PAM authentication will 
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/lib/ssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	ForceCommand cvs server

AllowUsers <myusername>
PermitRootLogin no

b4data · 2012-02-02 19:32:02

You need to uncomment the line in your sshd_config where you changed the port. And then restart the ssh daemon.

Last edited by b4data (2012-02-02 19:32:31)

Abadon125 · 2012-02-02 19:38:50

Haha well that is very embarrassing, can't believe I missed that. Thanks for you patience!

b4data · 2012-02-02 19:43:29

No prob If your problem's fixed, add [SOLVED] to your thread title.

Arch Linux

#1 2012-02-02 18:17:47

[SOLVED] SSH: Connection Refused

#2 2012-02-02 18:41:38

Re: [SOLVED] SSH: Connection Refused

#3 2012-02-02 18:49:33

Re: [SOLVED] SSH: Connection Refused

#4 2012-02-02 19:00:45

Re: [SOLVED] SSH: Connection Refused

#5 2012-02-02 19:00:57

Re: [SOLVED] SSH: Connection Refused

#6 2012-02-02 19:02:10

Re: [SOLVED] SSH: Connection Refused

#7 2012-02-02 19:27:03

Re: [SOLVED] SSH: Connection Refused

#8 2012-02-02 19:32:02

Re: [SOLVED] SSH: Connection Refused

#9 2012-02-02 19:38:50

Re: [SOLVED] SSH: Connection Refused

#10 2012-02-02 19:43:29

Re: [SOLVED] SSH: Connection Refused

Board footer