# HELP! I Seem to have done something to SSH



## jldavid (Aug 5, 2020)

I upgraded my server from 11.2 to 12.1 and in the process am having a problem using ssh and sftp.

This worked to my login at another server before:

ssh mylogin@otherserver.org

Now, I get 

ssh: connect to host otherserver.org port 22: Connection refused

Nothing has changed on the other end. I can log in from other machines to that server using mylogin just fine so it isn't on that end. I have tried removing my server in the other server's .ssh/known_hosts file but I am still not allowed to connect. Nothing in my log files that I can see either. It has to be something I did on my end but I don't know what it is. Any ideas?


----------



## jldavid (Aug 5, 2020)

One other thing. I had been trying to install openssl but that was causing other problems so I deleted the package. When I deleted it, it said it also deleted cyrus-sasl-gssapi, krb5 and p5-GSSAPI. Could one of those be the issue?


----------



## SirDice (Aug 5, 2020)

Connection refused means you received a RST in response to a SYN packet. That usually means there's nothing listening on that port, i.e. the service isn't running.



jldavid said:


> I have tried removing my server in the other server's .ssh/known_hosts file but I am still not allowed to connect.


If there was an issue with known_hosts you would still get a connection, but it's going to complain, loudly, about keys not matching. So this is not the cause or the issue, as you will get an entirely different error message.



jldavid said:


> I had been trying to install openssl but that was causing other problems so I deleted the package. When I deleted it, it said it also deleted cyrus-sasl-gssapi, krb5 and p5-GSSAPI. Could one of those be the issue?


None of these have a relation with the sshd(8) from the base OS.


----------



## jldavid (Aug 5, 2020)

SirDice said:


> Connection refused means you received a RST in response to a SYN packet. That usually means there's nothing listening on that port, i.e. the service isn't running.



sshd is running fine on my server for incoming connections. I can ssh into it with no problem. I can't ssh OUT and I know the sshd service is running on the other server because I can ssh to it from other machines. This is the only one with a problem and it was working fine until I messed with the system. 

I'm sure I did something to screw this up. I just don't know what.


----------



## SirDice (Aug 5, 2020)

I'm hesitant to call it a firewall issue, because that usually results in a "connection timed out", but it's certainly possible to have a messed up firewall configuration. Another cause, less commonly used, are things like /etc/hosts.allow and /etc/hosts.deny.


----------



## jldavid (Aug 5, 2020)

SirDice said:


> I'm hesitant to call it a firewall issue, because that usually results in a "connection timed out", but it's certainly possible to have a messed up firewall configuration. Another cause, less commonly used, are things like /etc/hosts.allow and /etc/hosts.deny.


I have no firewall installed, the hosts.deny file is empty and the hosts.allow file has "ALL : ALL : allow" so that isn't the problem. I might just have to resort to backing up everything and reinstalling the system but that really should not be necessary.


----------



## scottro (Aug 5, 2020)

You can try using ssh -vvv, which will give very verbose output as to what is happening. As a last resort, perhaps you could try installing openssh-portable. It does sound like the other server isn't listening, but you can reach it with other machines, so that's not it. Also, one possible troubleshooting method is to run tcpdump on the listening machine to see if it's receiving the packets from the non-working machine. This gives some ways of using tcpdump to help isolate packets from the machine in question.

https://danielmiessler.com/study/tcpdump/

You probably want, assuming the machine that can't ssh out is 1.1.1.1

tcpdump src 1.1.1.1


----------



## SirDice (Aug 5, 2020)

jldavid said:


> I have no firewall installed


What about the receiving end? That could block your connection because your client IP changed? 



jldavid said:


> I might just have to resort to backing up everything and reinstalling the system but that really should not be necessary.


Just analyze the problem and figure it out. There's absolutely no reason to reinstall.


----------
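The difference discussed in this thread between "connection refused" (an RST comes back) and "connection timed out" (nothing comes back) can be checked from the affected client with a small probe. This is an added example, not code from any poster; it goes a little beyond the thread by probing every address the name resolves to and reading the SSH identification banner, and the function names and the loopback default target are assumptions.

```python
import errno
import socket
import sys


def probe_address(family, sockaddr, timeout=3.0):
    """Try one TCP connect; return (outcome, detail)."""
    s = socket.socket(family, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect(sockaddr)
    except ConnectionRefusedError:
        # Something answered the SYN with a RST: the path works, the port is
        # closed (or a device on the path is actively rejecting).
        return "refused", "RST in reply to SYN"
    except socket.timeout:
        # Silence: packets dropped by a filter, or the host is unreachable.
        return "timeout", "no reply within %.1fs" % timeout
    except OSError as exc:
        return "error", errno.errorcode.get(exc.errno, str(exc))
    else:
        try:
            # An SSH server sends its identification string on connect.
            line = s.recv(255).split(b"\n", 1)[0]
            return "open", line.strip().decode("ascii", "replace")
        except OSError:
            return "open", ""
    finally:
        s.close()


def probe_host(host, port=22, timeout=3.0):
    """Probe each distinct address `host` resolves to on this client."""
    results, seen = [], set()
    for family, _, _, _, sockaddr in socket.getaddrinfo(
            host, port, type=socket.SOCK_STREAM):
        if sockaddr in seen:
            continue
        seen.add(sockaddr)
        outcome, detail = probe_address(family, sockaddr, timeout)
        results.append((sockaddr[0], outcome, detail))
    return results


if __name__ == "__main__":
    # Default target is loopback (constructed); pass the real host as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for addr, outcome, detail in probe_host(target):
        print(f"{addr:40} {outcome:8} {detail}")
```

If the name resolves to more than one address, each one gets its own line, so a result that differs per address shows up directly.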

