Question

can't ssh remotely, ssh port is closed from outside

  • Posted on September 2, 2014
  • szeriAsked by szeri

I was able to ssh in remotely to my droplet yesterday. I didn’t change anything but I can’t do it today. I use the standard WordPress on Ubuntu 14.04 droplet.

I can ssh locally back to the server using the droplet console. I’ve tested from other IP (using http://www.infobyip.com/sshservertest.php ) and it doesn’t work either. Web server on port 80 works.

The firewall seems to be empty:

ipchains -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
 
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
 
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I also checked /var/log/kern.log when I tried to connect, nothing. I tried to restart the droplet, didn’t help.

I’m kind of lost what else should I try Is there a firewall front of my droplet which might block my ssh? Is there any other diagnostic you could recommend to locate the issue? I would appreciate any help.

Show comments

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

OK, figured out what’s going on. The whole confusion came from my DNS setup.

The @ record is set up as an URL redirect. This apparently using my domain name provider’s server and returning their IP.

The A record set to www.mydomain.com which has the proper IP and ssh works with it.

OK, I can ssh in now. It seems it’s some DNS IP address resolution issue. When I ping (or ssh to) using domain name it shows an IP which is not the IP of my droplet and that’s why the ssh is not working.

What confused me that even the IP from ping is incorrect, the request from browser using the domain name is somehow reaching the server. Because of that I wrongly assumed that trying to ssh with domain name is reaching the correct IP too.

I’m going to look a bit more into this DNS issue now, thanks for the tips anyway.

Yes, It just times out. sshd server is up and running and listening on port 22:

netstat -plant | grep :22
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      2851/sshd
tcp6       0      0 :::22                       :::*                   LISTEN      2851/sshd

Also, ssh from console works:

telnet localhost 22
Trying ::1...
Connected to localhost.
Escape character is '^]'.
SSH-2.0-OpenSSH_6.6.1p1 Ubuntu -2ubuntu2

The support say they can access ssh. It’s weird because I tried from different IPs and never works. If anyone keen to try it would you please check it and share the results? 178.62.45.184