By: jckfa

UFW Restart Required After Droplet Reboot To Allow SSH

December 21, 2015

Pardon my ignorance, DigitalOcean elders, but a lack of answers from the almighty Google Search has resulted in this call for help.

I know the problem is with UFW, I just don't know how to fix it (obviously).

So before rebooting my droplet, everything works as it should—I can log in through SSH no problem. But after the reboot, I get this error:

(first attempt)

ssh: connect to host ###.###.##.### port 22000: Connection refused

(second attempt)

ssh: connect to host ###.###.##.### port 22000: Operation timed out

Then, if I log in through the web console and check UFW with sudo ufw status verbose, I get:

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
22000/tcp                  ALLOW IN    Anywhere
80/tcp (v6)                ALLOW IN    Anywhere (v6)
443/tcp (v6)               ALLOW IN    Anywhere (v6)
22000/tcp (v6)             ALLOW IN    Anywhere (v6)

(same output as with the command line before the reboot, port 22000 is open)

But if I restart UFW (sudo service ufw restart) in the web console, I can immediately log in through SSH on the command line.

Any ideas why this is happening?

1 Answer

Just fyi for others: The first time I used ufw, I lost total control of my droplet after reboot.
