SSH timeout after Hostname change

August 24, 2015 2k views
Networking System Tools DNS Firewall Ubuntu


I have a mailserver running iRedmail - due to some issues with rDNS and ptr records, I was required to change the hostname.

I changed the following config files:


Since this change, I've been unable to SSH into the server - I've tried multiple points of entry, locally using Putty and from several remote VPSs, all fail with a connection timeout. An example of the timeout:

user@server:~$ ssh -v <user>@<FQDN> -p <port>
OpenSSH6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to <redacted> port <port>.
debug1: connect to address <redacted> port <port> Connection timed out
ssh: connect to host <redacted> port <port>: Connection timed out

Putty shows almost identical logging output.

I've recursively grep'd for the old hostname:

sudo grep -Rio "<old_hostname>" /

Initially, this turned up some PKI entries, so I simply piped the output into sed -i. I've since checked and there are no more references to the old hostname anywhere, yet I still cannot connect. Of course, I've rebooted the server a number of times and ensured all available services are running - if I attempt to SSH into the default port (from which I've changed), I immediately get connection refused.

FYI: I can login via tty1 (console access).

Any help or advice would be appreciated

1 comment
5 Answers

In what you posted, nothing confirms that ssh is actually running.

What does systemctl status sshd reports?

If your OS doesn't have systemd, try ps ax | grep sshd.

Also, try running an nmap scan against your problematic droplet's ssh port.

  • $: ps aux | fgrep sshd

    924 ? Ss 0:00 /usr/bin/sshd -D
    2579 tty1 S+ 0:00 grep --color=auto sshd

    Nmap output:
    <port>/tcp filtered unknown

  • <port>/tcp filtered unknown

    It sounds like there's a firewall running that is blocking connections to the ssh port. Can you post the output of ufw status or iptables-save if you don't use UFW? If you're running fail2ban, try disabling it.

Hi. Are you using Cloudflare by any chance? Also, are you able to SSH into your droplet using the IP address instead of the hostname? (e.g. ssh user@ip -p port)

That was it - I had opened the required port months ago and forgot to persist the change, so the reboot after changing the hostname dropped that change.

Thanks for your help!

Have another answer? Share your knowledge.