It looks like you're new here. If you want to get involved, click one of these buttons!Sign In Register
It looks like you're new here. If you want to get involved, click one of these buttons!
If there is an issue with SSH on your VPS, this guide will provide basic steps to investigate SSH connection issue.
If you cannot connect to your VPS with your current VPS password, or you forgot it, you can connect to our client area and reset your VPS root password. Here is a guide how to do it.
If your SSH connection attempts are timing out or are being immediately rejected, then your SSH service might not be running, or your firewall might block SSH connections.
So you can connect to your VPS via Emergency Console.
To check your SSH service status, you need to connect to your VPS and run one of these commands:
1) Ubuntu 16.04+, Debian 8+, CentOS 7+, etc:
sudo systemctl status sshd -l
2) CentOS 6:
sudo service sshd status
3) Ubuntu 14.04, Debian 7
sudo service ssh status
If the output shows that your SSH is not running, then try to restart your SSH:
sudo systemctl restart sshd
sudo service sshd restart
Ubuntu 14.04, Debian 7:
sudo service ssh restart
If it won't help, then check your VPS logs of SSH::
sudo journalctl -u sshd -u ssh
Ubuntu 14.04, Debian 7
If SSH status is active, make sure on what port SSH service is running. Run netstat on your server to check which port is used by SSH. For this, you can use this command:
sudo netstat -plntu | grep ssh
By default, SSH service runs on 22 port, but if you see a different port, then try to connect to your VPS via SSH by using that port:
ssh username@IP_address -p port
If SSH service is running on your VPS, but you still cannot connect through SSH, then check your logs, to make sure that another service is not bounded on the same port as SSH. If in the logs, you see this message:
Bind to port 22 on 0.0.0.0 failed: Address already in use.
Then it means that another service on your server is already using the same port that SSH binds to. So this is a reason why SSH you cannot connect to your VPS via SSH. There are some ways to solve this issue:
1) Bind SSH service to a different port:
2) Stop the other service:
Use netstat command to check which other process is using the same port (as an example, we use 22 port);
sudo netstat -plntu | grep :22
Then stop that process:
sudo systemctl stop some-other-service
sudo systemctl disable some-other-service
Or simply kill the process using the process ID listed next to the process name when you check processes with the command - netstat.
3) Change other service port to a different port:
Again use netstat command to find what service is bound to the same port. Then, change the configuration for that service to use a different port. Ater that, you need to restart SSH service.
If you can start the SSH service successfully, but your connections still time out or are rejected, then review your firewall rules. It might e that you have blocked SSH connection on your firewall.
To check that, you can review your current firewall ruleset:
sudo iptables-save # displays IPv4 rules
sudo ip6tables-save # displays IPv6 rules
Also, if you have configured on your VPS FirewallD or UFW, make sure if you are running either package with these commands:
sudo ufw status
sudo firewall-cmd --state
when the rules will be listed, make sure that your rule for SSH looks something like this:
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
The rule says that you allow SSH connection in your VPS.
Additionally, for some time, you might to disable the firewall on your VPS to be sure that it is not a reason why you cannot connect to your VPS via SSH.
Note 1: The disabled firewall increases the security risk on your VPS, so make sure that you will re-enable it after you investigate your firewall configuration.
sudo iptables-save > ~/iptables.txt
sudo iptables -P INPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -t nat -F
sudo iptables -t mangle -F
sudo iptables -F
sudo iptables -X.
Note 2: You might need to do all these steps with ip6tables command to flush your IPv6 rules.
Note 3: Do not miss to use a different name for the IPv6 rules file.
If SSH is listening and accepting connections but is rejecting login attempts, you should check logs of rejected attempts.
Also, make sure that logins are not disabled for the root user. It can be checked with the command:
grep PermitRootLogin /etc/ssh/sshd_config
Note 4: If the value of the PermitRootLogin is no, then try logging in with another user. Or, set the value in /etc/ssh/sshd_config to yes. After that, you need to restart SSH, and try logging in as root again.