Question

Country-based firewall on Digital Ocean? SSH access not working on while Console access works

ssh 165.227.167.204

Gives ssh: connect to host 165.227.167.204 port 22: Resource temporarily unavailable

I enabled the 22 port and restarted ssh service.

When I ping from a web service I get a reposnse:

PING 165.227.167.204 (165.227.167.204) 56(84) bytes of data.
64 bytes from 165.227.167.204: icmp_seq=1 ttl=48 time=97.5 ms
64 bytes from 165.227.167.204: icmp_seq=2 ttl=48 time=97.2 ms
64 bytes from 165.227.167.204: icmp_seq=3 ttl=48 time=97.1 ms

--- 165.227.167.204 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 97.143/97.313/97.594/0.411 ms

When doing the ping form my computer I get no output.

Got an impression there is a IP or country-based firewall on Digital Ocean. For example, when putting the address in a browser with SSH-tunnel I get

dial tcp 165.227.167.204:80: connect: connection refused

when just putting this into browser I get no response.

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

alexdoOctober 22, 2019

Hello, @epogrebnyak

Can you perform a traceroute to your server/droplet so we can see the hops and where exactly is the issue?

I can see that port 22 is open on 165.227.167.204 and also I’m getting a password prompt when trying to ssh as well.

The traceroute command can be executed like this:

For Windows 8.x and newer:

Use the search window, type command prompt and click on the Command Prompt result.

Type

tracert yourdomain.com

and press Enter.

This will provide traceroute results from your computer to yourdomain.com. You can also use tracert with an IP, i.e. tracert 1.2.3.4

For more information on how to copy and paste the traceroute results, please check this article.

Mac OS You need to open up Terminal, located under Applications -> Utilities -> Terminal and type:

traceroute yourdomain.com

and press Enter.

Alternatively, you can go to the Applications folder -> Utilities -> Network Utility -> Traceroute and specify your domain or IP address.

You can also use traceroute with an IP, i.e. traceroute 1.2.3.4

Linux Open a Terminal window and type:

traceroute -I yourdomain.com

The -I option is necessary so that the traceroute uses ICMP. You can also use traceroute with an IP, i.e. traceroute -I 1.2.3.4

Let me know how it goes.