SSH is the main way to connect and interact with your SkySilk VPS. When the connection fails it can be for a number of reasons and be difficult to pinpoint the root cause.
If you are running into issues establishing an SSH connection there are a number of things you can investigate.
STEPS TO TRY WHEN TROUBLESHOOTING SSH CONNECTIONS:
1. Ping your VPS
As with most network connectivity problems the first step should be to ping your server. This eliminates basic network connectivity issues as the root cause of the connection error.
If you do not know how to ping your server, you can refer to our Ping Guide for further information.
Ping is Successful Now What?
If a ping test is successful but you are still experiencing SSH connection issues you can begin troubleshooting by analyzing the error messages. The following are some common error messages you may encounter:
Network error: Connection timed out
Network error: Connection refused
Unable to open connection to example.com Host does not exist
Note: If the error message refers to the Host it is likely an issue with DNS.
2. Use VNC to gain access if internet connection is established but SSH is not.
If you have password login enabled you can establish a connection through the VNC console on your user dahsboard or a console of your choice to reach your server to troubleshoot SSH issues.
As a summary here are a few simple steps you can take to check if there are issues with your SSH connection
Double check your IP address and port settings are pointing at the correct IP address and port. Typographical errors are very common!
Verify the local network firewall you are connecting through allows the port you are using to connect to SSH. The default port is 22.
Verify your VPS firewall rules to make sure SSH connections are allowed and aren’t being dropped.
Verify the SSH service is running on your VPS.
Verify the SSH service is using the correct port.
3. Verify the VPS Firewall Rules
There are three common firewall options used by the different Linux distributions. Debian/Ubuntu distributions use UFW. Red Hat based distributions like CentOS use FirewallD. Both can also make use of iptables. If you are able to gain access via VNC you can try the following:
iptables rules can be checked using the following command
You are looking for an input chain that allows SSH traffic, ensuring there are none which reject it. SSH uses port 22 as its default port.
FirewallD rules can be checked using the following command
This output displays a list of allowed services, if SSH is on here it is allowed.
UFW rules can be checked using the following command
This will display a list of the open ports, you are looking for your SSH port, default is 22.
4. Verify the SSH Service Status
You can check if the SSH service is running the same way you would verify any other service running on your VPS.
For Debian/Ubuntu based distributions you can use the command
service ssh status
The output will display whether the service is running or stopped.
If the service is stopped you can start it with the command
service ssh start
Note: systemctl is also available for Debian/Ubuntu distributions. Remember to use "ssh" instead of "sshd"
For Red Hat based distributions you can use the command
systemctl status sshd
It will show the service as active or inactive in the output.
Note: Red Hat based distributions use "sshd" instead of "ssh"
If the service is inactive you can start it with the following command
systemctl start sshd
5. Verify the SSH Port
The default SSH port is 22. For security purposes this is sometimes changed. To verify the port in use you can check the SSH configuration file, or the running process.
The most common SSH configuration file location is /etc/ssh/sshd_config
You can verify the port in use with the following command
grep Port /etc/ssh/sshd_config
The output will be the configured port.
To confirm the running service is using the correct port you can use the following command
You are looking for your configured SSH port number being used by “sshd”
LISTEN 0 128 *:22 *:* users:(("sshd",pid=20097,fd=3)) LISTEN 0 128 :::22 :::* users:(("sshd",pid=20097,fd=4))
This indicates the SSH service is listening to all connections on port 22.
You can now diagnose the common causes of a failed SSH connection. Remember it is always a good practice to create a VPS snapshot for an easy rollback before making network configuration changes as well!
For further reading on iptables and firewall configuration please refer to the following documentation.