Trouble connecting through SSH tunnel to Droplet

I have an SSH tunneling scheme which works on my local cluster but has connection failures when I try to use it on my Ubuntu droplet. I set up the tunnel in SSH from my local machine like this:

ssh -L 12003: NYTrader -N

NYTrader is defined in my config with the droplet IP and user root. That command works apparently - from my droplet:

root@NYTrader:~# ss -tuln
Netid      State       Recv-Q      Send-Q           Local Address:Port              Peer Address:Port      Process
udp        UNCONN      0           0                    *
udp        UNCONN      0           0                 *
tcp        LISTEN      0           4096              *
tcp        LISTEN      0           4096                 *
tcp        LISTEN      0           1                    *
tcp        LISTEN      0           4096                         *:22                           *:*

I have a script on the droplet sending characters every 2 seconds on 12003.

From my local PC:

 telnet 12003
telnet: Unable to connect to remote host: Connection refused

Why is this connection refused? The tunnel appears to be up?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Accepted Answer

Not sure where I went wrong - but it’s working now. Thanks for the replies

Bobby Iliev
Site Moderator
Site Moderator badge
June 13, 2024


Does the telnet 12003 command work as expected when you run it on the Droplet itself?

The command you’ve used for the SSH tunnel seems fine, but can you confirm that NYTrader is correctly defined in your SSH config file? It should look something like this:

Host NYTrader
    HostName <Droplet_IP>
    User root
    Port 22

Another thing that you could test out is that there is no firewall rule on your local machine that could be blocking outgoing connections to localhost:12003. You can test that quickly with telnet 12003

Let me know how it goes!

- Bobby

Site Moderator
Site Moderator badge
June 13, 2024


The SSH tunneling setup you described should allow you to forward traffic from port 12003 on your local machine to port 12003 on the remote machine (NYTrader). The fact that ss -tuln shows tcp LISTEN 0 1* on the remote machine means that the port 12003 is indeed open and listening on all interfaces (

However, the connection refused error when you attempt to telnet to on your local machine indicates that the tunnel might not be properly forwarding the traffic or there could be some other issue preventing the connection.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up

Featured on Community

Get our biweekly newsletter

Sign up for Infrastructure as a Newsletter.

Hollie's Hub for Good

Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.

Become a contributor

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Welcome to the developer cloud

DigitalOcean makes it simple to launch in the cloud and scale up as you grow — whether you're running one virtual machine or ten thousand.

Learn more
DigitalOcean Cloud Control Panel