4

I'm getting a constant "connection refused" while trying to connect over SSH from OS X to a CentOS VPS with a WHM control panel. SSH is enabled in WHM, and I've generated SSH keys. I also tried SSH with the firewall off for a minute , but no luck.

After perusing other questions, I've run ssh -vv [email protected] and that gives me:

debug2: ssh_connect: needpriv 0 debug1: connect to address xx.xxx.xx.xx port 22: Connection refused

and running nc -zvw 2 xx.xxx.xx.xx 22 gives me 

nc: connect to xx.xxx.xx.xx port 22 (tcp) failed: Connection refused

What do these really mean? What else can I try?

Improve this question

4 Answers 4

Reset to default
5

The port appears to be closed (or filtered, but you say you've already tried disabling the firewall - you mean the one on the VPS, right?).

Can you please post the output of this command on the VPS if you have access by other means?

netstat -ntlp

It should list all open ports. Check port 22 is up on the right IP if you have several.

Do you have outgoing traffic firewall rules on the OSX client?

Edit: I took the liberty of running a port scan against that host and it doesn't seem to have a firewall up anyway, as many ports are open (you should probably close some or most when you can). SSH doesn't seem to be up though:

Starting Nmap 5.00 ( http://nmap.org ) at 2011-04-13 15:36 GMT+3 Interesting ports on ns1.resume-resource.com (72.249.28.26): Not shown: 958 filtered ports, 31 closed ports PORT STATE SERVICE 21/tcp open ftp 25/tcp open smtp 53/tcp open domain 80/tcp open http 110/tcp open pop3 143/tcp open imap 443/tcp open https 465/tcp open smtps 993/tcp open imaps 995/tcp open pop3s 2200/tcp open unknown

Try /etc/init.d/sshd restart and check /var/log/messages for errors.

Improve this answer
5
  • Actually, it looks like sshd is running on port 2200. ssh -p 2200 72.249.28.26 Commented Apr 13, 2011 at 18:50
  • Actually, the firewall is on. @toppledwagon: you're right about port 2200. Now I get a Permission denied (publickey,gssapi-with-mic) after I continued connecting. Do I need to import the key to OS X? Commented Apr 13, 2011 at 19:01
  • You can tell it to use the key like this (assuming you saved it in ~/.ssh/key-from-VPS): ssh -i ~/.ssh/key-from-VPS -p 2200 72.249.28.26 Commented Apr 13, 2011 at 19:08
  • Hmm.. permission denied on that. Commented Apr 13, 2011 at 19:15
  • Are you sure the key you're using is the private one, and not the public? If unsure you can always generate a new one using ssh-keygen -t dsa on OSX and then importing the corresponding public key on the VPS. Also, as @ThoriumBR says check the permissions on .ssh (the directory) and also on authorized_keys (should be 400). And remember each public key on authorized_keys should be one long line, having line breaks is a common error if you copied/pasted. Commented Apr 13, 2011 at 21:05
1

have you checked /etc/hosts.deny? I once had the denyhosts daemon running by mistake and kept adding my laptop there, until I found and killed it.

Improve this answer
1

If you are getting "Permission denied", make sure that:

1 - Your key is on .ssh/authorized_keys

2 - The permissions on .ssh/authorized_keys are right. Do a chmod -R 700 .ssh to be sure.

Improve this answer
1
  • I found @ThoriumBR to be part of my solution I needed: chmod -R 700 .ssh This then allowed for the known_hosts file to be updated I am working on Mac OS X Commented Sep 2, 2014 at 20:43
-3

is quite a simple fix and can be completed in a few minutes via the standard cPanel /scripts

  1. Login to your server as root via SSH
  2. Run: /scripts/updatenow
  3. Run: /scripts/fixndc

This will fix your problems some of the time, but if it does not, do the following steps:

  1. Login to your server as root via SSH
  2. Run: vi /etc/rndc.conf (or vi /etc/namedb/rndc.conf on FreeBSD) replace all instances of “rndc-key” with “rndckey”
  3. Run: vi /etc/named.conf (or vi /etc/namedb/named.conf on FreeBSD) replace all instances of “rndc-key” with “rndckey”
  4. Run: /scripts/fixnamed
  5. Run: /scripts/fixndc
  6. If you received an error in the last step, run /scripts/fixndc another time.
  7. Restart named (on RH this is service named restart)

If you are still having issues, try checking out the cpanel forums, or contact cpanel support for more help.

Improve this answer
2
  • 1
    I don't see any correlation between named and sshd in this case Commented Mar 11, 2015 at 23:59
  • Sorry i copied this from some where else , its resolve my problem hopfully yours , please feel free to delete it if its not related Commented Mar 12, 2015 at 7:26

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.