SSH access is one of the most important features of any web server. It comes in handy whenever your website is inaccessible because of a bug, a cyberattack, or any other reason to execute the commands on your site.
However, sometimes when you’re trying to use it you may encounter an “SSH connection refused” error, which may block you from logging in to the server and executing your desired commands.
However, you don’t have to be concerned about it. You can easily fix it with a little bit of guidance.
This tutorial explains everything about it and how it can be fixed. Let’s find out!
Why is Port 22 Connection Refused?
The connection to SSH port (i.e. Port 22) can be refused for many reasons. The SSH service may be down, your credentials may be wrong, or a firewall may be blocking the access. You can read more about these reasons below.
What Port Can I Use Instead of 22?
You yourself can’t use an alternative port for SSH — especially not on a shared or VPS hosting server.
Only your hosting provider can configure a different port because they have the access to server OS. However, you can configure any other port on your localhost or dedicated server.
What You’ll Need to Fix SSH Connection Refused Error?
You’ll need the following two things in order to fix the SSH connection refused error:
- A command line tool (i.e. Command prompt);
- Your FTP/SFTP credentials.
How to Fix SSH Connection Refused Error: Step-by-Step Instructions
There are five different reasons that can cause the SSH connection refused error.
So we’ll try to figure out which of them may be causing the issue for you, one by one until we’ve found the real cause and fixed it. Let’s start!
#1. Check The Status of Your SSH Service
The first thing to check is the status of SSH service on your server.
Because if the SSH daemon that listens and responds to SSH requests is down, then obviously you’ll receive the SSH connection refused error. Execute the following command to check the status of SSH service on your server:
sudo service ssh status
Upon executing this command if you receive a response saying “down” then you’ve already identified the reason behind the SSH connection refused error on your server.
Your next step should be to start the SSH daemon. Here’s the command that you can execute to start it:
sudo service ssh restart
Once it has restarted, try to log in again. You’ll be able to log in successfully.
#2. Check Your Credentials
Many times a mistake in the credentials entered by you can also generate the SSH connection refused error.
Characters typed in the command line look slightly different from the characters in plain text, so it’s common to make those mistakes while typing the letters that look alike (i.e. small “L” and capital “I”).
Also, unlike a username-password combination for most places, there are four things that combine to make the credentials of SSH: Hostname (i.e. the IP address of the server), your SFTP username, SFTP password, and port.
If any of them is wrong, the connection to SSH will be refused.
So we’d suggest that you recheck each of these items and try to connect over SSH again.
Pay special attention to the Port — SSH connections are established over port 22, but many hosting providers change it for providing better security.
Connect with your hosting support team to ask if that’s the case, and once you’re sure that every bit of credentials is correct, try to connect again.
#3. Make Sure SSH is Installed on Your Server
It’s also possible that the SSH daemon may be missing altogether from your server.
Generally, all hosting providers include SSH access as they realize that it’s critical for performing various actions, so this is unlikely to be the case.
However, if you have a dedicated server or getting the error on your localhost machine then this reason may be applicable.
The solution, in either of those cases, is to install a reliable SSH daemon (i.e. OpenSSH, Teleport, etc.) on your server. Usually, the installation is simple, and you can complete it by following the installation steps outlined below:
Once you’ve installed the SSH daemon of your choice on your dedicated server or localhost machine, retry to log into the server over SSH.
#4. Change the Port
The various services offered by a computer or network device are provided over various ports. These ports serve as endpoints where a request is directed, and if a port is closed then the request is declined.
Since hackers can utilize unused ports to enter a web server, many hosting providers leave them in a closed state to ensure better security.
But if that’s the case, then you may face trouble while trying to establish a connection over SSH to your server.
So it’s important to check the status of your server’s SSH port if you’re receiving the SSH connection refused error despite trying all the steps outlined above. Here’s the command that you can execute to check that:
sudo lsof -i -n -P | grep LISTEN
Mainly, you want to pay attention to the status of port 22 (or whatever custom port has been set by your host for the purpose of SSH access).
If your SSH port doesn’t appear in the list after executing this command, then it’s in a closed state and you need to connect with your host to get it opened.
#5. Disable Your Firewall
Sometimes the firewall installed on a server can also block attempts to connect to the SSH port.
Firewalls protect a server from hackers trying to gain unauthorized access, but sometimes they can also block the requests from perfectly secure machines and users in their attempts to protect the server.
To deal with that, first of all, open the rules of your server’s firewall installation by executing the following command:
sudo iptables-save # display IPv4 rules
sudo ip6tables-save # display IPv6 rules
Among the rules that are displayed next, look for the following elements:
- dport 22: This defines the number of SSH destination port. Usually, it’s 22. But if your host has defined a custom port then it’ll be something else.
- REJECT: This indicates all connection requests to the port are being rejected;
- DROP: Just like the reject rule, this one also means that the connections to the SSH port are being dropped.
If the results of commands mentioned above for dport 22 (or whatever your SSH port number is) include either REJECT or DROP parameters in them, then your firewall is blocking SSH access.
In that case, you need to change the settings of the destination port to ACCEPT.
You can do that by navigating to the settings of your firewall. If you don’t know how to do that, you can ask your hosting provider to do it for you.
Similar Tutorials to Check Out
- How to Fix the “Your Connection Is Not Private” Error: If your SSL certificate has expired or has a misconfiguration, this error can appear to your visitors and block them from accessing your site. On the other hand, if you’re a visitor who’s receiving it on multiple websites then something may be wrong on your end. This tutorial explains how to deal with it in both situations.
- How to Fix err_connection_reset Errors: The connection reset error is shown when something is wrong either with your network connection or the system’s network configuration. This tutorial explains what you can do to fix it.
- How to Fix the “err_connection_timed_out” Error: This is another nightmare for any user browsing the web – the connection timed out error comes all of a sudden but takes quite some time to go. This tutorial explains how can you fix it on your own.
Wrapping Up
We hope we explained the full procedure of fixing the SSH connection refused error in detail, and you understand everything.
If you still have any doubts, drop them in the comments and we’ll try to answer them.
And if you learned something useful from here, don’t forget to share it on your social media because that’s what encourages us to create more such content.