How to: Troubleshoot SSH Connection Issues using VNC Console

TABLE OF CONTENTS

• STEPS TO TRY WHEN TROUBLESHOOTING SSH CONNECTIONS:
  • 1. Ping your VPS
    • Ping is Successful Now What?
  • 2. Use VNC to gain access if internet connection is established but SSH is not.
  • 3. Verify the VPS Firewall Rules
  • 4. Verify the SSH Service Status
  • 5. Verify the SSH Port

SSH is the main way to connect and interact with your SkySilk VPS. When the connection fails it can be for a number of reasons and be difficult to pinpoint the root cause. 

If you are running into issues establishing an SSH connection there are a number of things you can investigate.

STEPS TO TRY WHEN TROUBLESHOOTING SSH CONNECTIONS:

1. Ping your VPS

As with most network connectivity problems the first step should be to ping your server. This eliminates basic network connectivity issues as the root cause of the connection error.

If you do not know how to ping your server, you can refer to our Ping Guide for further information.

Ping is Successful Now What?

If a ping test is successful but you are still experiencing SSH connection issues you can begin troubleshooting by analyzing the error messages. The following are some common error messages you may encounter:

• Network error: Connection timed out

• Network error: Connection refused

• Unable to open connection to example.com Host does not exist

Note: If the error message refers to the Host it is likely an issue with DNS.

2. Use VNC to gain access if internet connection is established but SSH is not.

If you have password login enabled you can establish a connection through the VNC console on your user dahsboard or a console of your choice to reach your server to troubleshoot SSH issues.

As a summary here are a few simple steps you can take to check if there are issues with your SSH connection

• Double check your IP address and port settings are pointing at the correct IP address and port. Typographical errors are very common!

• Verify the local network firewall you are connecting through allows the port you are using to connect to SSH. The default port is 22.

• Verify your VPS firewall rules to make sure SSH connections are allowed and aren’t being dropped.

• Verify the SSH service is running on your VPS.

• Verify the SSH service is using the correct port.

3. Verify the VPS Firewall Rules

There are three common firewall options used by the different Linux distributions. Debian/Ubuntu distributions use UFW. Red Hat based distributions like CentOS use FirewallD. Both can also make use of iptables. If you are able to gain access via VNC you can try the following:

iptables rules can be checked using the following command

iptables -nL

You are looking for an input chain that allows SSH traffic, ensuring there are none which reject it. SSH uses port 22 as its default port.

FirewallD rules can be checked using the following command

firewall-cmd --list-services

This output displays a list of allowed services, if SSH is on here it is allowed.

UFW rules can be checked using the following command

ufw status

This will display a list of the open ports, you are looking for your SSH port, default is 22.

4. Verify the SSH Service Status

You can check if the SSH service is running the same way you would verify any other service running on your VPS.

For Debian/Ubuntu based distributions you can use the command

service ssh status

The output will display whether the service is running or stopped.

If the service is stopped you can start it with the command

service ssh start

Note: systemctl is also available for Debian/Ubuntu distributions. Remember to use "ssh" instead of "sshd"

For Red Hat based distributions you can use the command

systemctl status sshd

It will show the service as active or inactive in the output.

Note: Red Hat based distributions use "sshd" instead of "ssh"

If the service is inactive you can start it with the following command

systemctl start sshd

5. Verify the SSH Port

The default SSH port is 22. For security purposes this is sometimes changed. To verify the port in use you can check the SSH configuration file, or the running process.

The most common SSH configuration file location is /etc/ssh/sshd_config

You can verify the port in use with the following command

grep Port /etc/ssh/sshd_config

The output will be the configured port.

To confirm the running service is using the correct port you can use the following command

ss -plnt

You are looking for your configured SSH port number being used by “sshd”

For example:

LISTEN     0      128                       *:22                       *:*      
users:(("sshd",pid=20097,fd=3))
LISTEN     0      128                      :::22                      :::*
users:(("sshd",pid=20097,fd=4))

This indicates the SSH service is listening to all connections on port 22.

You can now diagnose the common causes of a failed SSH connection. Remember it is always a good practice to create a VPS snapshot for an easy rollback before making network configuration changes as well!

For further reading on iptables and firewall configuration please refer to the following documentation.

Iptables Documentation

UFW Documentation

FirewallD Documentation