Network error: Connection refused puttyPutty Login error through SSH (Network error: Connenction timeout)Filezilla or WinSCP alternative for UbuntuPermission denied (publickey) error right after generating the SSH keysSSH is allowing remote connections only after a local login to the serverSSH key authentication looking at wrong place?How to convert Filezilla PPK to openssh sftp compatible keyPermission denied via ssh accessWindows Server 2012 Putty Connection Network error: Connection refused + Not Access to UbuntuWhy is ecryptfs only mounting private home directory over ssh?Putty fatal error: Network error: connection refused (ubunty server)network error: connection refused after killing one process I guessPutty Login error through SSH (Network error: Connenction timeout)Not able to ssh for instance created by devstackPUTTY Fatal Error: Server Refused Our Key Using Ngrok TunnelingPublic key authentication Permission denied (publickey)Putty : connection timed out in public network (Ubuntu 16.04)Windows Server 2012 Putty Connection Network error: Connection refused + Not Access to UbuntuSSH Invalid key length on embedded device
How can I portion out frozen cookie dough?
Can multiple states demand income tax from an LLC?
How does a sound wave propagate?
Help! My Character is too much for her story!
What is the orbit and expected lifetime of Crew Dragon trunk?
Tool for measuring readability of English text
PTIJ: Sport in the Torah
Should I file my taxes? No income, unemployed, but paid 2k in student loan interest
Can I challenge the interviewer to give me a proper technical feedback?
3.5% Interest Student Loan or use all of my savings on Tuition?
Unidentified signals on FT8 frequencies
Boss Telling direct supervisor I snitched
Why restrict private health insurance?
Why does this boat have a landing pad? (SpaceX's GO Searcher) Any plans for propulsive capsule landings?
ESPP--any reason not to go all in?
How do you make a gun that shoots melee weapons and/or swords?
Can I negotiate a patent idea for a raise, under French law?
Limpar string com Regex
How spaceships determine each other's mass in space?
Is there a logarithm base for which the logarithm becomes an identity function?
Precision notation for voltmeters
Ultrafilters as a double dual
How can I have x-axis ticks that show ticks scaled in powers of ten?
I've given my players a lot of magic items. Is it reasonable for me to give them harder encounters?
Network error: Connection refused putty
Putty Login error through SSH (Network error: Connenction timeout)Filezilla or WinSCP alternative for UbuntuPermission denied (publickey) error right after generating the SSH keysSSH is allowing remote connections only after a local login to the serverSSH key authentication looking at wrong place?How to convert Filezilla PPK to openssh sftp compatible keyPermission denied via ssh accessWindows Server 2012 Putty Connection Network error: Connection refused + Not Access to UbuntuWhy is ecryptfs only mounting private home directory over ssh?Putty fatal error: Network error: connection refused (ubunty server)network error: connection refused after killing one process I guessPutty Login error through SSH (Network error: Connenction timeout)Not able to ssh for instance created by devstackPUTTY Fatal Error: Server Refused Our Key Using Ngrok TunnelingPublic key authentication Permission denied (publickey)Putty : connection timed out in public network (Ubuntu 16.04)Windows Server 2012 Putty Connection Network error: Connection refused + Not Access to UbuntuSSH Invalid key length on embedded device
I am trying to log in to my server with ssh keys (I use putty to do it) but every time I try to connect it says Network error: Connection refused
. I believe it's something wrong with the public key not sure though. The key looks like this:
rsa-key-public AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
but all in one line. I used puttygen to create the key and it looked like this by deafult:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-public"
AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
---- END SSH2 PUBLIC KEY ----
Output of cat /etc/ssh/sshd_config
:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
#Port 2222
# Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress 192.168.1.20
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationinterval 3600
ServerKeyBits 2048
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin prohibit-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ~/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
Xl1Forwarding yes
Xl1DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
*Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC *
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of *PermitRootLogin without-password*.
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM no
Output service ssh status
/ systemctl status ssh.service
:
peter@PM-server:-$ service ssh status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/systemissh.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2017-04-03 16:02:13 CEST; 3h 37min ago
Main PID: 1577 (sshd)
Tasks: 7 (limit: 4915)
Memory: 23.1M
CPU: 3.774s
CGroup: /system.slice/ssh.service
├─1577 /usr/sbin/sshd -D
├─2351 sshd: peter [priv]
├─2359 sshd: peter@pts/0
├─2360 -bash
├─2395 systemctl status ssh.service
└─2400 pager
Apr 03 16:25:11 PM-server sudo[2030] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 16:32:45 PM-server sudo[2030] :pam_unix(sudo:session): session closed for user root
Apr 03 16:50:45 PM-server sshd[2068] : Accepted password for peter from 192.168.1.19 port 57813 ssh2
Apr 03 17:19:14 PM-server sudo[2135] peter : TTY=pts/0 ; PWD/home ; USER=root ; COMMAND/bin/chown peter:peter peter
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session closed for user root
Apr 03 19:25:09 PM-server sshd[2351] : Accepted password for peter from 192.168.1.19 port 56635 ssh2
Apr 03 19:26:05 PM-server sudo[2372] peter : TTY=pts/0 ; PWD/home/peter ; USER=root ; COMMAND/bin/systemctl
Apr 03 19:26:05 PM-server sudo[2372] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 19:28:14 PM-server sudo[2372] :pam unix(sudo:session): session closed for user root
Here is the out put of sudo systemctl
.
Output of sudo sshd -T
port 22
protocol 2
addressfamily any
listenaddress [::]:22
listenaddress 0.0.0.0:22
usepam yes
serverkeybits 1024
logingracetime 120
keyregenerationinterval 3600
x11displayoffset 10
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin without-password
ignorerhosts yes
ignoreuserknownhosts no
rhostsrsaauthentication no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
rsaauthentication yes
pubkeyauthentication yes
kerberosauthentication no
kerberosorlocalpasswd yes
kerberosticketcleanup yes
gssapiauthentication no
gssapikeyexchange no
gssapicleanupcredentials yes
gssapistrictacceptorcheck yes
gssapistorecredentialsonrekey no
passwordauthentication yes
kbdinteractiveauthentication no
challengeresponseauthentication no
printmotd no
printlastlog yes
x11forwarding yes
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
permituserenvironment no
uselogin no
compression delayed
gatewayports no
usedns no
allowtcpforwarding yes
allowagentforwarding yes
allowstreamlocalforwarding yes
streamlocalbindunlink no
useprivilegeseparation yes
fingerprinthash SHA256
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256- ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256- etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac- 64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
versionaddendum none
kexalgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2- nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman- group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14- sha256,diffie-hellman-group14-sha1
hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert- v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521- cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert- v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh- ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2- nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa- sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
loglevel INFO
syslogfacility AUTH
authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ecdsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
acceptenv LANG
acceptenv LC_*
authenticationmethods any
subsystem sftp /usr/lib/openssh/sftp-server
maxstartups 10:30:100
permittunnel no
ipqos lowdelay throughput
rekeylimit 0 0
permitopen any
server ssh putty keys
|
show 3 more comments
I am trying to log in to my server with ssh keys (I use putty to do it) but every time I try to connect it says Network error: Connection refused
. I believe it's something wrong with the public key not sure though. The key looks like this:
rsa-key-public AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
but all in one line. I used puttygen to create the key and it looked like this by deafult:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-public"
AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
---- END SSH2 PUBLIC KEY ----
Output of cat /etc/ssh/sshd_config
:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
#Port 2222
# Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress 192.168.1.20
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationinterval 3600
ServerKeyBits 2048
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin prohibit-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ~/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
Xl1Forwarding yes
Xl1DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
*Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC *
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of *PermitRootLogin without-password*.
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM no
Output service ssh status
/ systemctl status ssh.service
:
peter@PM-server:-$ service ssh status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/systemissh.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2017-04-03 16:02:13 CEST; 3h 37min ago
Main PID: 1577 (sshd)
Tasks: 7 (limit: 4915)
Memory: 23.1M
CPU: 3.774s
CGroup: /system.slice/ssh.service
├─1577 /usr/sbin/sshd -D
├─2351 sshd: peter [priv]
├─2359 sshd: peter@pts/0
├─2360 -bash
├─2395 systemctl status ssh.service
└─2400 pager
Apr 03 16:25:11 PM-server sudo[2030] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 16:32:45 PM-server sudo[2030] :pam_unix(sudo:session): session closed for user root
Apr 03 16:50:45 PM-server sshd[2068] : Accepted password for peter from 192.168.1.19 port 57813 ssh2
Apr 03 17:19:14 PM-server sudo[2135] peter : TTY=pts/0 ; PWD/home ; USER=root ; COMMAND/bin/chown peter:peter peter
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session closed for user root
Apr 03 19:25:09 PM-server sshd[2351] : Accepted password for peter from 192.168.1.19 port 56635 ssh2
Apr 03 19:26:05 PM-server sudo[2372] peter : TTY=pts/0 ; PWD/home/peter ; USER=root ; COMMAND/bin/systemctl
Apr 03 19:26:05 PM-server sudo[2372] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 19:28:14 PM-server sudo[2372] :pam unix(sudo:session): session closed for user root
Here is the out put of sudo systemctl
.
Output of sudo sshd -T
port 22
protocol 2
addressfamily any
listenaddress [::]:22
listenaddress 0.0.0.0:22
usepam yes
serverkeybits 1024
logingracetime 120
keyregenerationinterval 3600
x11displayoffset 10
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin without-password
ignorerhosts yes
ignoreuserknownhosts no
rhostsrsaauthentication no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
rsaauthentication yes
pubkeyauthentication yes
kerberosauthentication no
kerberosorlocalpasswd yes
kerberosticketcleanup yes
gssapiauthentication no
gssapikeyexchange no
gssapicleanupcredentials yes
gssapistrictacceptorcheck yes
gssapistorecredentialsonrekey no
passwordauthentication yes
kbdinteractiveauthentication no
challengeresponseauthentication no
printmotd no
printlastlog yes
x11forwarding yes
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
permituserenvironment no
uselogin no
compression delayed
gatewayports no
usedns no
allowtcpforwarding yes
allowagentforwarding yes
allowstreamlocalforwarding yes
streamlocalbindunlink no
useprivilegeseparation yes
fingerprinthash SHA256
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256- ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256- etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac- 64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
versionaddendum none
kexalgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2- nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman- group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14- sha256,diffie-hellman-group14-sha1
hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert- v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521- cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert- v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh- ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2- nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa- sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
loglevel INFO
syslogfacility AUTH
authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ecdsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
acceptenv LANG
acceptenv LC_*
authenticationmethods any
subsystem sftp /usr/lib/openssh/sftp-server
maxstartups 10:30:100
permittunnel no
ipqos lowdelay throughput
rekeylimit 0 0
permitopen any
server ssh putty keys
Ok, you are have customized your/etc/ssh/sshd_config
and at the moment it is running but not listen to any port:#Port 2222
. Also it listen only to IP address192.168.1.20
. At first look, this could be the reason why our test (ssh $USER@localhost
which meansssh current-user-name@127.0.0.1 -p 22
) doesn't pass. So just for the test change these two lines like this:Port 22
and#ListenAddress 192.168.1.20
- it will listen to any IP to port 22. Restart the service:sudo systemctl restart ssh.service
(orsudo service ssh restart
), and try to connect again:ssh $USER@localhost
.
– pa4080
Apr 3 '17 at 18:48
Also this line is incorrect:AuthorizedKeysFile ~/.ssh/authorized_keys
. It must be:AuthorizedKeysFile %h/.ssh/authorized_keys
. Here you are, how/etc/ssh/sshd_config
looks by default in Ubuntu Server 16.04.1.
– pa4080
Apr 3 '17 at 19:11
Ok, I will make these changes later today and report back how the test went.
– KV-2
Apr 4 '17 at 7:14
I have now done the changes in the sshd_config file, restarted the ssh service and executedssh peter@PM-server
. I got this outputssh: connect to host pm-server port 22: Connection refused
.
– KV-2
Apr 4 '17 at 14:34
I think there is something wrong in/etc/ssh/sshd_config
. Please try to use the original configuration that I shared - just copy and paste all lines in yoursshd_config
file. Then use this command:sudo sshd -T
to do a quick test of the syntax of the configuration file.
– pa4080
Apr 4 '17 at 14:56
|
show 3 more comments
I am trying to log in to my server with ssh keys (I use putty to do it) but every time I try to connect it says Network error: Connection refused
. I believe it's something wrong with the public key not sure though. The key looks like this:
rsa-key-public AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
but all in one line. I used puttygen to create the key and it looked like this by deafult:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-public"
AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
---- END SSH2 PUBLIC KEY ----
Output of cat /etc/ssh/sshd_config
:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
#Port 2222
# Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress 192.168.1.20
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationinterval 3600
ServerKeyBits 2048
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin prohibit-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ~/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
Xl1Forwarding yes
Xl1DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
*Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC *
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of *PermitRootLogin without-password*.
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM no
Output service ssh status
/ systemctl status ssh.service
:
peter@PM-server:-$ service ssh status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/systemissh.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2017-04-03 16:02:13 CEST; 3h 37min ago
Main PID: 1577 (sshd)
Tasks: 7 (limit: 4915)
Memory: 23.1M
CPU: 3.774s
CGroup: /system.slice/ssh.service
├─1577 /usr/sbin/sshd -D
├─2351 sshd: peter [priv]
├─2359 sshd: peter@pts/0
├─2360 -bash
├─2395 systemctl status ssh.service
└─2400 pager
Apr 03 16:25:11 PM-server sudo[2030] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 16:32:45 PM-server sudo[2030] :pam_unix(sudo:session): session closed for user root
Apr 03 16:50:45 PM-server sshd[2068] : Accepted password for peter from 192.168.1.19 port 57813 ssh2
Apr 03 17:19:14 PM-server sudo[2135] peter : TTY=pts/0 ; PWD/home ; USER=root ; COMMAND/bin/chown peter:peter peter
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session closed for user root
Apr 03 19:25:09 PM-server sshd[2351] : Accepted password for peter from 192.168.1.19 port 56635 ssh2
Apr 03 19:26:05 PM-server sudo[2372] peter : TTY=pts/0 ; PWD/home/peter ; USER=root ; COMMAND/bin/systemctl
Apr 03 19:26:05 PM-server sudo[2372] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 19:28:14 PM-server sudo[2372] :pam unix(sudo:session): session closed for user root
Here is the out put of sudo systemctl
.
Output of sudo sshd -T
port 22
protocol 2
addressfamily any
listenaddress [::]:22
listenaddress 0.0.0.0:22
usepam yes
serverkeybits 1024
logingracetime 120
keyregenerationinterval 3600
x11displayoffset 10
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin without-password
ignorerhosts yes
ignoreuserknownhosts no
rhostsrsaauthentication no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
rsaauthentication yes
pubkeyauthentication yes
kerberosauthentication no
kerberosorlocalpasswd yes
kerberosticketcleanup yes
gssapiauthentication no
gssapikeyexchange no
gssapicleanupcredentials yes
gssapistrictacceptorcheck yes
gssapistorecredentialsonrekey no
passwordauthentication yes
kbdinteractiveauthentication no
challengeresponseauthentication no
printmotd no
printlastlog yes
x11forwarding yes
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
permituserenvironment no
uselogin no
compression delayed
gatewayports no
usedns no
allowtcpforwarding yes
allowagentforwarding yes
allowstreamlocalforwarding yes
streamlocalbindunlink no
useprivilegeseparation yes
fingerprinthash SHA256
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256- ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256- etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac- 64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
versionaddendum none
kexalgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2- nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman- group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14- sha256,diffie-hellman-group14-sha1
hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert- v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521- cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert- v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh- ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2- nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa- sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
loglevel INFO
syslogfacility AUTH
authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ecdsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
acceptenv LANG
acceptenv LC_*
authenticationmethods any
subsystem sftp /usr/lib/openssh/sftp-server
maxstartups 10:30:100
permittunnel no
ipqos lowdelay throughput
rekeylimit 0 0
permitopen any
server ssh putty keys
I am trying to log in to my server with ssh keys (I use putty to do it) but every time I try to connect it says Network error: Connection refused
. I believe it's something wrong with the public key not sure though. The key looks like this:
rsa-key-public AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
but all in one line. I used puttygen to create the key and it looked like this by deafult:
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-public"
AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcN
hsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepde
aYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8Vm
JaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmq
iP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQ
MJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
---- END SSH2 PUBLIC KEY ----
Output of cat /etc/ssh/sshd_config
:
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
#Port 2222
# Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress 192.168.1.20
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationinterval 3600
ServerKeyBits 2048
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 120
PermitRootLogin prohibit-password
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile ~/.ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no
# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes
# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
Xl1Forwarding yes
Xl1DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
*Banner /etc/issue.net
# Allow client to pass locale environment variables
AcceptEnv LANG LC *
Subsystem sftp /usr/lib/openssh/sftp-server
# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of *PermitRootLogin without-password*.
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM no
Output service ssh status
/ systemctl status ssh.service
:
peter@PM-server:-$ service ssh status
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/systemissh.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2017-04-03 16:02:13 CEST; 3h 37min ago
Main PID: 1577 (sshd)
Tasks: 7 (limit: 4915)
Memory: 23.1M
CPU: 3.774s
CGroup: /system.slice/ssh.service
├─1577 /usr/sbin/sshd -D
├─2351 sshd: peter [priv]
├─2359 sshd: peter@pts/0
├─2360 -bash
├─2395 systemctl status ssh.service
└─2400 pager
Apr 03 16:25:11 PM-server sudo[2030] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 16:32:45 PM-server sudo[2030] :pam_unix(sudo:session): session closed for user root
Apr 03 16:50:45 PM-server sshd[2068] : Accepted password for peter from 192.168.1.19 port 57813 ssh2
Apr 03 17:19:14 PM-server sudo[2135] peter : TTY=pts/0 ; PWD/home ; USER=root ; COMMAND/bin/chown peter:peter peter
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 17:19:14 PM-server sudo[2135] :pam_unix(sudo:session): session closed for user root
Apr 03 19:25:09 PM-server sshd[2351] : Accepted password for peter from 192.168.1.19 port 56635 ssh2
Apr 03 19:26:05 PM-server sudo[2372] peter : TTY=pts/0 ; PWD/home/peter ; USER=root ; COMMAND/bin/systemctl
Apr 03 19:26:05 PM-server sudo[2372] :pam_unix(sudo:session): session opened for user root by peter(uid=0)
Apr 03 19:28:14 PM-server sudo[2372] :pam unix(sudo:session): session closed for user root
Here is the out put of sudo systemctl
.
Output of sudo sshd -T
port 22
protocol 2
addressfamily any
listenaddress [::]:22
listenaddress 0.0.0.0:22
usepam yes
serverkeybits 1024
logingracetime 120
keyregenerationinterval 3600
x11displayoffset 10
maxauthtries 6
maxsessions 10
clientaliveinterval 0
clientalivecountmax 3
streamlocalbindmask 0177
permitrootlogin without-password
ignorerhosts yes
ignoreuserknownhosts no
rhostsrsaauthentication no
hostbasedauthentication no
hostbasedusesnamefrompacketonly no
rsaauthentication yes
pubkeyauthentication yes
kerberosauthentication no
kerberosorlocalpasswd yes
kerberosticketcleanup yes
gssapiauthentication no
gssapikeyexchange no
gssapicleanupcredentials yes
gssapistrictacceptorcheck yes
gssapistorecredentialsonrekey no
passwordauthentication yes
kbdinteractiveauthentication no
challengeresponseauthentication no
printmotd no
printlastlog yes
x11forwarding yes
x11uselocalhost yes
permittty yes
permituserrc yes
strictmodes yes
tcpkeepalive yes
permitemptypasswords no
permituserenvironment no
uselogin no
compression delayed
gatewayports no
usedns no
allowtcpforwarding yes
allowagentforwarding yes
allowstreamlocalforwarding yes
streamlocalbindunlink no
useprivilegeseparation yes
fingerprinthash SHA256
pidfile /var/run/sshd.pid
xauthlocation /usr/bin/xauth
ciphers chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256- ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
macs umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256- etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac- 64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
versionaddendum none
kexalgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2- nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman- group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14- sha256,diffie-hellman-group14-sha1
hostbasedacceptedkeytypes ecdsa-sha2-nistp256-cert- v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521- cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert- v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh- ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
hostkeyalgorithms ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2- nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
pubkeyacceptedkeytypes ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa- sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh- ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2- nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,rsa-sha2-512,rsa- sha2-256,ssh-rsa
loglevel INFO
syslogfacility AUTH
authorizedkeysfile .ssh/authorized_keys .ssh/authorized_keys2
hostkey /etc/ssh/ssh_host_rsa_key
hostkey /etc/ssh/ssh_host_ecdsa_key
hostkey /etc/ssh/ssh_host_ed25519_key
acceptenv LANG
acceptenv LC_*
authenticationmethods any
subsystem sftp /usr/lib/openssh/sftp-server
maxstartups 10:30:100
permittunnel no
ipqos lowdelay throughput
rekeylimit 0 0
permitopen any
server ssh putty keys
server ssh putty keys
edited Apr 4 '17 at 15:28
KV-2
asked Apr 1 '17 at 14:35
KV-2KV-2
33139
33139
Ok, you are have customized your/etc/ssh/sshd_config
and at the moment it is running but not listen to any port:#Port 2222
. Also it listen only to IP address192.168.1.20
. At first look, this could be the reason why our test (ssh $USER@localhost
which meansssh current-user-name@127.0.0.1 -p 22
) doesn't pass. So just for the test change these two lines like this:Port 22
and#ListenAddress 192.168.1.20
- it will listen to any IP to port 22. Restart the service:sudo systemctl restart ssh.service
(orsudo service ssh restart
), and try to connect again:ssh $USER@localhost
.
– pa4080
Apr 3 '17 at 18:48
Also this line is incorrect:AuthorizedKeysFile ~/.ssh/authorized_keys
. It must be:AuthorizedKeysFile %h/.ssh/authorized_keys
. Here you are, how/etc/ssh/sshd_config
looks by default in Ubuntu Server 16.04.1.
– pa4080
Apr 3 '17 at 19:11
Ok, I will make these changes later today and report back how the test went.
– KV-2
Apr 4 '17 at 7:14
I have now done the changes in the sshd_config file, restarted the ssh service and executedssh peter@PM-server
. I got this outputssh: connect to host pm-server port 22: Connection refused
.
– KV-2
Apr 4 '17 at 14:34
I think there is something wrong in/etc/ssh/sshd_config
. Please try to use the original configuration that I shared - just copy and paste all lines in yoursshd_config
file. Then use this command:sudo sshd -T
to do a quick test of the syntax of the configuration file.
– pa4080
Apr 4 '17 at 14:56
|
show 3 more comments
Ok, you are have customized your/etc/ssh/sshd_config
and at the moment it is running but not listen to any port:#Port 2222
. Also it listen only to IP address192.168.1.20
. At first look, this could be the reason why our test (ssh $USER@localhost
which meansssh current-user-name@127.0.0.1 -p 22
) doesn't pass. So just for the test change these two lines like this:Port 22
and#ListenAddress 192.168.1.20
- it will listen to any IP to port 22. Restart the service:sudo systemctl restart ssh.service
(orsudo service ssh restart
), and try to connect again:ssh $USER@localhost
.
– pa4080
Apr 3 '17 at 18:48
Also this line is incorrect:AuthorizedKeysFile ~/.ssh/authorized_keys
. It must be:AuthorizedKeysFile %h/.ssh/authorized_keys
. Here you are, how/etc/ssh/sshd_config
looks by default in Ubuntu Server 16.04.1.
– pa4080
Apr 3 '17 at 19:11
Ok, I will make these changes later today and report back how the test went.
– KV-2
Apr 4 '17 at 7:14
I have now done the changes in the sshd_config file, restarted the ssh service and executedssh peter@PM-server
. I got this outputssh: connect to host pm-server port 22: Connection refused
.
– KV-2
Apr 4 '17 at 14:34
I think there is something wrong in/etc/ssh/sshd_config
. Please try to use the original configuration that I shared - just copy and paste all lines in yoursshd_config
file. Then use this command:sudo sshd -T
to do a quick test of the syntax of the configuration file.
– pa4080
Apr 4 '17 at 14:56
Ok, you are have customized your
/etc/ssh/sshd_config
and at the moment it is running but not listen to any port: #Port 2222
. Also it listen only to IP address 192.168.1.20
. At first look, this could be the reason why our test (ssh $USER@localhost
which means ssh current-user-name@127.0.0.1 -p 22
) doesn't pass. So just for the test change these two lines like this: Port 22
and #ListenAddress 192.168.1.20
- it will listen to any IP to port 22. Restart the service: sudo systemctl restart ssh.service
(or sudo service ssh restart
), and try to connect again: ssh $USER@localhost
.– pa4080
Apr 3 '17 at 18:48
Ok, you are have customized your
/etc/ssh/sshd_config
and at the moment it is running but not listen to any port: #Port 2222
. Also it listen only to IP address 192.168.1.20
. At first look, this could be the reason why our test (ssh $USER@localhost
which means ssh current-user-name@127.0.0.1 -p 22
) doesn't pass. So just for the test change these two lines like this: Port 22
and #ListenAddress 192.168.1.20
- it will listen to any IP to port 22. Restart the service: sudo systemctl restart ssh.service
(or sudo service ssh restart
), and try to connect again: ssh $USER@localhost
.– pa4080
Apr 3 '17 at 18:48
Also this line is incorrect:
AuthorizedKeysFile ~/.ssh/authorized_keys
. It must be: AuthorizedKeysFile %h/.ssh/authorized_keys
. Here you are, how /etc/ssh/sshd_config
looks by default in Ubuntu Server 16.04.1.– pa4080
Apr 3 '17 at 19:11
Also this line is incorrect:
AuthorizedKeysFile ~/.ssh/authorized_keys
. It must be: AuthorizedKeysFile %h/.ssh/authorized_keys
. Here you are, how /etc/ssh/sshd_config
looks by default in Ubuntu Server 16.04.1.– pa4080
Apr 3 '17 at 19:11
Ok, I will make these changes later today and report back how the test went.
– KV-2
Apr 4 '17 at 7:14
Ok, I will make these changes later today and report back how the test went.
– KV-2
Apr 4 '17 at 7:14
I have now done the changes in the sshd_config file, restarted the ssh service and executed
ssh peter@PM-server
. I got this output ssh: connect to host pm-server port 22: Connection refused
.– KV-2
Apr 4 '17 at 14:34
I have now done the changes in the sshd_config file, restarted the ssh service and executed
ssh peter@PM-server
. I got this output ssh: connect to host pm-server port 22: Connection refused
.– KV-2
Apr 4 '17 at 14:34
I think there is something wrong in
/etc/ssh/sshd_config
. Please try to use the original configuration that I shared - just copy and paste all lines in your sshd_config
file. Then use this command: sudo sshd -T
to do a quick test of the syntax of the configuration file.– pa4080
Apr 4 '17 at 14:56
I think there is something wrong in
/etc/ssh/sshd_config
. Please try to use the original configuration that I shared - just copy and paste all lines in your sshd_config
file. Then use this command: sudo sshd -T
to do a quick test of the syntax of the configuration file.– pa4080
Apr 4 '17 at 14:56
|
show 3 more comments
4 Answers
4
active
oldest
votes
Here you go short manual covering the whole process:
How to SSH Ubuntu from Windows via PuTTY, using keys
I. Generate SSH 'key pair' in Ubuntu and create authorized_keys
file
$ ssh-keygen -t rsa -b 4096 Enter
Generating public/private rsa key pair.
Enter file in which to save the key (/home/$USER/.ssh/id_rsa): Enter
Created directory '/home/$USER/.ssh'.
Enter passphrase (empty for no passphrase): type your passphrase Enter
Enter same passphrase again: retype your passphrase Enter
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Enter
$ chmod go-w ~/ Enter
$ chmod 700 ~/.ssh Enter
$ chmod 600 ~/.ssh/authorized_keys Enter
$ ls -la ~/.ssh Enter
drwx------ 2 user user 4096 апр 2 17:21 .
drwxr-xr-x 3 user user 4096 апр 2 17:40 ..
-rw------- 1 user user 738 апр 2 17:21 authorized_keys
-rw------- 1 user user 3243 апр 2 17:15 id_rsa
-rw-r--r-- 1 user user 738 апр 2 17:15 id_rsa.pub
Please note we don't need to use sudo
. If authorized_keys
already exists the output redirection >>
just will append a new entry.
Make a test - SSH to localhost
using the username of the current user:
$ chmod 600 ~/.ssh/id_rsa.pub
$ ssh $USER@localhost -i ~/.ssh/id_rsa -p 22 -v
Where: (1) you can omit the options -i ~/.ssh/id_rsa -p 22
, because these are the default values, and (2) -v
will turn on verbose mode. Further information can be found in man ssh
.
Please note, this test will pass "only" with the default configuration of /etc/ssh/sshd_config
. Here is the default sshd_config
of Ubuntu 16.04.
II. Convert id_rsa
private key into .ppk
format and use it
Where .ppk
means PuTTY Private Key.
Approach 1: Using puttygen
for Linux:
The idea for this additional editing came from this topic where was discussed the conversion from .ppk
into an OpenSSH compatible format.
Install
putty-tools
in Ubuntu. Open a terminal and type:sudo apt install putty-tools
Convert the private key:
puttygen ~/.ssh/id_rsa -O private -o ~/.ssh/converted_id_rsa.ppk
Copy the converted private key (
converted_id_rsa.ppk
) into Windows.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
Approach 2: Using puttygen
for Windows
Copy the private key (
id_rsa
) into Windows.Run 'PuTTY Key Generator' (
puttygen.exe
) and click onLoad
button. Screenshot.Switch to
All Files (*.*)
andOpen
your generated in Ubuntu (id_rsa
) private key file. Screenshot.Enter the passphrase if there is one, then click on
OK
. An notification will be appeared - click onOK
once again. Screenshot.Edit
Key comment
andKey passphrase
if you need it and click onSave private key
. Screenshot.Save your new
.ppk
key in a convenient location. Screenshot.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
References:
Simple explanation about the conception of 'public/private key pair'
SSH and Encrypted Home directory
Ubuntu Documentation: SSH/OpenSSH/Keys
How to convert .ppk key to OpenSSH key under Linux?
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
|
show 3 more comments
Usually, Network error: Connection refused
means that the server refused your SSH connection entirely. It didn't have a problem with the key PuTTY used with it because it didn't get that far in the connection process to even bother with keys. Instead, it refused the connection immediately. This is usually due to the server not running an SSH server (or the SSH server being broken), you having the wrong port, or you having the wrong server address.
However, you say that you only receive that error message when connecting using a public key while connecting using a password works fine. To add a public key for incoming connections, add the following line to ~/.ssh/authorized_keys
on the server (create the file if it doesn't exist):
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Note that this:
- Starts with
ssh-rsa
- Has no line breaks in the middle of it (remove them if present)
- Should be the public key (should start with
AAAAB3
) you're currently using (replace it with the new one if you've generated a new one)
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the commandsudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.
– KV-2
Apr 2 '17 at 14:38
OK, I've added how to add the public key to~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.
– Chai T. Rex
Apr 2 '17 at 14:47
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
add a comment |
This is a bit different format of the keys. Proper way to convert one to the other is to use ssh-keygen
:
ssh-keygen -i -f /path/to/public.key
The result for your key looks like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Therefore on the single line with key identifier ssh-rsa
, instead of the one you used. Also the newlines matter (there can be none).
add a comment |
Install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:
sudo apt-get install openssh-server
Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:
sudo service ssh start
Port number 22 is default. To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:
sudo nano /etc/ssh/sshd_config
Remove the "#" from the sshd_config file, which is prefixed to Port 22
New contributor
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f899188%2fnetwork-error-connection-refused-putty%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
Here you go short manual covering the whole process:
How to SSH Ubuntu from Windows via PuTTY, using keys
I. Generate SSH 'key pair' in Ubuntu and create authorized_keys
file
$ ssh-keygen -t rsa -b 4096 Enter
Generating public/private rsa key pair.
Enter file in which to save the key (/home/$USER/.ssh/id_rsa): Enter
Created directory '/home/$USER/.ssh'.
Enter passphrase (empty for no passphrase): type your passphrase Enter
Enter same passphrase again: retype your passphrase Enter
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Enter
$ chmod go-w ~/ Enter
$ chmod 700 ~/.ssh Enter
$ chmod 600 ~/.ssh/authorized_keys Enter
$ ls -la ~/.ssh Enter
drwx------ 2 user user 4096 апр 2 17:21 .
drwxr-xr-x 3 user user 4096 апр 2 17:40 ..
-rw------- 1 user user 738 апр 2 17:21 authorized_keys
-rw------- 1 user user 3243 апр 2 17:15 id_rsa
-rw-r--r-- 1 user user 738 апр 2 17:15 id_rsa.pub
Please note we don't need to use sudo
. If authorized_keys
already exists the output redirection >>
just will append a new entry.
Make a test - SSH to localhost
using the username of the current user:
$ chmod 600 ~/.ssh/id_rsa.pub
$ ssh $USER@localhost -i ~/.ssh/id_rsa -p 22 -v
Where: (1) you can omit the options -i ~/.ssh/id_rsa -p 22
, because these are the default values, and (2) -v
will turn on verbose mode. Further information can be found in man ssh
.
Please note, this test will pass "only" with the default configuration of /etc/ssh/sshd_config
. Here is the default sshd_config
of Ubuntu 16.04.
II. Convert id_rsa
private key into .ppk
format and use it
Where .ppk
means PuTTY Private Key.
Approach 1: Using puttygen
for Linux:
The idea for this additional editing came from this topic where was discussed the conversion from .ppk
into an OpenSSH compatible format.
Install
putty-tools
in Ubuntu. Open a terminal and type:sudo apt install putty-tools
Convert the private key:
puttygen ~/.ssh/id_rsa -O private -o ~/.ssh/converted_id_rsa.ppk
Copy the converted private key (
converted_id_rsa.ppk
) into Windows.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
Approach 2: Using puttygen
for Windows
Copy the private key (
id_rsa
) into Windows.Run 'PuTTY Key Generator' (
puttygen.exe
) and click onLoad
button. Screenshot.Switch to
All Files (*.*)
andOpen
your generated in Ubuntu (id_rsa
) private key file. Screenshot.Enter the passphrase if there is one, then click on
OK
. An notification will be appeared - click onOK
once again. Screenshot.Edit
Key comment
andKey passphrase
if you need it and click onSave private key
. Screenshot.Save your new
.ppk
key in a convenient location. Screenshot.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
References:
Simple explanation about the conception of 'public/private key pair'
SSH and Encrypted Home directory
Ubuntu Documentation: SSH/OpenSSH/Keys
How to convert .ppk key to OpenSSH key under Linux?
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
|
show 3 more comments
Here you go short manual covering the whole process:
How to SSH Ubuntu from Windows via PuTTY, using keys
I. Generate SSH 'key pair' in Ubuntu and create authorized_keys
file
$ ssh-keygen -t rsa -b 4096 Enter
Generating public/private rsa key pair.
Enter file in which to save the key (/home/$USER/.ssh/id_rsa): Enter
Created directory '/home/$USER/.ssh'.
Enter passphrase (empty for no passphrase): type your passphrase Enter
Enter same passphrase again: retype your passphrase Enter
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Enter
$ chmod go-w ~/ Enter
$ chmod 700 ~/.ssh Enter
$ chmod 600 ~/.ssh/authorized_keys Enter
$ ls -la ~/.ssh Enter
drwx------ 2 user user 4096 апр 2 17:21 .
drwxr-xr-x 3 user user 4096 апр 2 17:40 ..
-rw------- 1 user user 738 апр 2 17:21 authorized_keys
-rw------- 1 user user 3243 апр 2 17:15 id_rsa
-rw-r--r-- 1 user user 738 апр 2 17:15 id_rsa.pub
Please note we don't need to use sudo
. If authorized_keys
already exists the output redirection >>
just will append a new entry.
Make a test - SSH to localhost
using the username of the current user:
$ chmod 600 ~/.ssh/id_rsa.pub
$ ssh $USER@localhost -i ~/.ssh/id_rsa -p 22 -v
Where: (1) you can omit the options -i ~/.ssh/id_rsa -p 22
, because these are the default values, and (2) -v
will turn on verbose mode. Further information can be found in man ssh
.
Please note, this test will pass "only" with the default configuration of /etc/ssh/sshd_config
. Here is the default sshd_config
of Ubuntu 16.04.
II. Convert id_rsa
private key into .ppk
format and use it
Where .ppk
means PuTTY Private Key.
Approach 1: Using puttygen
for Linux:
The idea for this additional editing came from this topic where was discussed the conversion from .ppk
into an OpenSSH compatible format.
Install
putty-tools
in Ubuntu. Open a terminal and type:sudo apt install putty-tools
Convert the private key:
puttygen ~/.ssh/id_rsa -O private -o ~/.ssh/converted_id_rsa.ppk
Copy the converted private key (
converted_id_rsa.ppk
) into Windows.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
Approach 2: Using puttygen
for Windows
Copy the private key (
id_rsa
) into Windows.Run 'PuTTY Key Generator' (
puttygen.exe
) and click onLoad
button. Screenshot.Switch to
All Files (*.*)
andOpen
your generated in Ubuntu (id_rsa
) private key file. Screenshot.Enter the passphrase if there is one, then click on
OK
. An notification will be appeared - click onOK
once again. Screenshot.Edit
Key comment
andKey passphrase
if you need it and click onSave private key
. Screenshot.Save your new
.ppk
key in a convenient location. Screenshot.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
References:
Simple explanation about the conception of 'public/private key pair'
SSH and Encrypted Home directory
Ubuntu Documentation: SSH/OpenSSH/Keys
How to convert .ppk key to OpenSSH key under Linux?
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
|
show 3 more comments
Here you go short manual covering the whole process:
How to SSH Ubuntu from Windows via PuTTY, using keys
I. Generate SSH 'key pair' in Ubuntu and create authorized_keys
file
$ ssh-keygen -t rsa -b 4096 Enter
Generating public/private rsa key pair.
Enter file in which to save the key (/home/$USER/.ssh/id_rsa): Enter
Created directory '/home/$USER/.ssh'.
Enter passphrase (empty for no passphrase): type your passphrase Enter
Enter same passphrase again: retype your passphrase Enter
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Enter
$ chmod go-w ~/ Enter
$ chmod 700 ~/.ssh Enter
$ chmod 600 ~/.ssh/authorized_keys Enter
$ ls -la ~/.ssh Enter
drwx------ 2 user user 4096 апр 2 17:21 .
drwxr-xr-x 3 user user 4096 апр 2 17:40 ..
-rw------- 1 user user 738 апр 2 17:21 authorized_keys
-rw------- 1 user user 3243 апр 2 17:15 id_rsa
-rw-r--r-- 1 user user 738 апр 2 17:15 id_rsa.pub
Please note we don't need to use sudo
. If authorized_keys
already exists the output redirection >>
just will append a new entry.
Make a test - SSH to localhost
using the username of the current user:
$ chmod 600 ~/.ssh/id_rsa.pub
$ ssh $USER@localhost -i ~/.ssh/id_rsa -p 22 -v
Where: (1) you can omit the options -i ~/.ssh/id_rsa -p 22
, because these are the default values, and (2) -v
will turn on verbose mode. Further information can be found in man ssh
.
Please note, this test will pass "only" with the default configuration of /etc/ssh/sshd_config
. Here is the default sshd_config
of Ubuntu 16.04.
II. Convert id_rsa
private key into .ppk
format and use it
Where .ppk
means PuTTY Private Key.
Approach 1: Using puttygen
for Linux:
The idea for this additional editing came from this topic where was discussed the conversion from .ppk
into an OpenSSH compatible format.
Install
putty-tools
in Ubuntu. Open a terminal and type:sudo apt install putty-tools
Convert the private key:
puttygen ~/.ssh/id_rsa -O private -o ~/.ssh/converted_id_rsa.ppk
Copy the converted private key (
converted_id_rsa.ppk
) into Windows.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
Approach 2: Using puttygen
for Windows
Copy the private key (
id_rsa
) into Windows.Run 'PuTTY Key Generator' (
puttygen.exe
) and click onLoad
button. Screenshot.Switch to
All Files (*.*)
andOpen
your generated in Ubuntu (id_rsa
) private key file. Screenshot.Enter the passphrase if there is one, then click on
OK
. An notification will be appeared - click onOK
once again. Screenshot.Edit
Key comment
andKey passphrase
if you need it and click onSave private key
. Screenshot.Save your new
.ppk
key in a convenient location. Screenshot.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
References:
Simple explanation about the conception of 'public/private key pair'
SSH and Encrypted Home directory
Ubuntu Documentation: SSH/OpenSSH/Keys
How to convert .ppk key to OpenSSH key under Linux?
Here you go short manual covering the whole process:
How to SSH Ubuntu from Windows via PuTTY, using keys
I. Generate SSH 'key pair' in Ubuntu and create authorized_keys
file
$ ssh-keygen -t rsa -b 4096 Enter
Generating public/private rsa key pair.
Enter file in which to save the key (/home/$USER/.ssh/id_rsa): Enter
Created directory '/home/$USER/.ssh'.
Enter passphrase (empty for no passphrase): type your passphrase Enter
Enter same passphrase again: retype your passphrase Enter
$ cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys Enter
$ chmod go-w ~/ Enter
$ chmod 700 ~/.ssh Enter
$ chmod 600 ~/.ssh/authorized_keys Enter
$ ls -la ~/.ssh Enter
drwx------ 2 user user 4096 апр 2 17:21 .
drwxr-xr-x 3 user user 4096 апр 2 17:40 ..
-rw------- 1 user user 738 апр 2 17:21 authorized_keys
-rw------- 1 user user 3243 апр 2 17:15 id_rsa
-rw-r--r-- 1 user user 738 апр 2 17:15 id_rsa.pub
Please note we don't need to use sudo
. If authorized_keys
already exists the output redirection >>
just will append a new entry.
Make a test - SSH to localhost
using the username of the current user:
$ chmod 600 ~/.ssh/id_rsa.pub
$ ssh $USER@localhost -i ~/.ssh/id_rsa -p 22 -v
Where: (1) you can omit the options -i ~/.ssh/id_rsa -p 22
, because these are the default values, and (2) -v
will turn on verbose mode. Further information can be found in man ssh
.
Please note, this test will pass "only" with the default configuration of /etc/ssh/sshd_config
. Here is the default sshd_config
of Ubuntu 16.04.
II. Convert id_rsa
private key into .ppk
format and use it
Where .ppk
means PuTTY Private Key.
Approach 1: Using puttygen
for Linux:
The idea for this additional editing came from this topic where was discussed the conversion from .ppk
into an OpenSSH compatible format.
Install
putty-tools
in Ubuntu. Open a terminal and type:sudo apt install putty-tools
Convert the private key:
puttygen ~/.ssh/id_rsa -O private -o ~/.ssh/converted_id_rsa.ppk
Copy the converted private key (
converted_id_rsa.ppk
) into Windows.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
Approach 2: Using puttygen
for Windows
Copy the private key (
id_rsa
) into Windows.Run 'PuTTY Key Generator' (
puttygen.exe
) and click onLoad
button. Screenshot.Switch to
All Files (*.*)
andOpen
your generated in Ubuntu (id_rsa
) private key file. Screenshot.Enter the passphrase if there is one, then click on
OK
. An notification will be appeared - click onOK
once again. Screenshot.Edit
Key comment
andKey passphrase
if you need it and click onSave private key
. Screenshot.Save your new
.ppk
key in a convenient location. Screenshot.Use this
.ppk
key with PuTTY to connect to Ubuntu. Screenshot.
References:
Simple explanation about the conception of 'public/private key pair'
SSH and Encrypted Home directory
Ubuntu Documentation: SSH/OpenSSH/Keys
How to convert .ppk key to OpenSSH key under Linux?
edited Aug 22 '18 at 21:25
answered Apr 2 '17 at 12:19
pa4080pa4080
14.4k52670
14.4k52670
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
|
show 3 more comments
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I tried what you suggested and now it says "server refused our key" when I try to log in with it. Any ideas how to fix that?
– KV-2
Apr 2 '17 at 13:40
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
I chmoded 700 .ssh and now it says "Network error: Connection refused" again.
– KV-2
Apr 2 '17 at 13:51
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I will edit my answer.
– pa4080
Apr 2 '17 at 13:54
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
@KV-2 I've updated my answer.
– pa4080
Apr 2 '17 at 15:06
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
thanks for the update, I will try it out when I get the time today.
– KV-2
Apr 3 '17 at 6:25
|
show 3 more comments
Usually, Network error: Connection refused
means that the server refused your SSH connection entirely. It didn't have a problem with the key PuTTY used with it because it didn't get that far in the connection process to even bother with keys. Instead, it refused the connection immediately. This is usually due to the server not running an SSH server (or the SSH server being broken), you having the wrong port, or you having the wrong server address.
However, you say that you only receive that error message when connecting using a public key while connecting using a password works fine. To add a public key for incoming connections, add the following line to ~/.ssh/authorized_keys
on the server (create the file if it doesn't exist):
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Note that this:
- Starts with
ssh-rsa
- Has no line breaks in the middle of it (remove them if present)
- Should be the public key (should start with
AAAAB3
) you're currently using (replace it with the new one if you've generated a new one)
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the commandsudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.
– KV-2
Apr 2 '17 at 14:38
OK, I've added how to add the public key to~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.
– Chai T. Rex
Apr 2 '17 at 14:47
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
add a comment |
Usually, Network error: Connection refused
means that the server refused your SSH connection entirely. It didn't have a problem with the key PuTTY used with it because it didn't get that far in the connection process to even bother with keys. Instead, it refused the connection immediately. This is usually due to the server not running an SSH server (or the SSH server being broken), you having the wrong port, or you having the wrong server address.
However, you say that you only receive that error message when connecting using a public key while connecting using a password works fine. To add a public key for incoming connections, add the following line to ~/.ssh/authorized_keys
on the server (create the file if it doesn't exist):
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Note that this:
- Starts with
ssh-rsa
- Has no line breaks in the middle of it (remove them if present)
- Should be the public key (should start with
AAAAB3
) you're currently using (replace it with the new one if you've generated a new one)
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the commandsudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.
– KV-2
Apr 2 '17 at 14:38
OK, I've added how to add the public key to~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.
– Chai T. Rex
Apr 2 '17 at 14:47
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
add a comment |
Usually, Network error: Connection refused
means that the server refused your SSH connection entirely. It didn't have a problem with the key PuTTY used with it because it didn't get that far in the connection process to even bother with keys. Instead, it refused the connection immediately. This is usually due to the server not running an SSH server (or the SSH server being broken), you having the wrong port, or you having the wrong server address.
However, you say that you only receive that error message when connecting using a public key while connecting using a password works fine. To add a public key for incoming connections, add the following line to ~/.ssh/authorized_keys
on the server (create the file if it doesn't exist):
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Note that this:
- Starts with
ssh-rsa
- Has no line breaks in the middle of it (remove them if present)
- Should be the public key (should start with
AAAAB3
) you're currently using (replace it with the new one if you've generated a new one)
Usually, Network error: Connection refused
means that the server refused your SSH connection entirely. It didn't have a problem with the key PuTTY used with it because it didn't get that far in the connection process to even bother with keys. Instead, it refused the connection immediately. This is usually due to the server not running an SSH server (or the SSH server being broken), you having the wrong port, or you having the wrong server address.
However, you say that you only receive that error message when connecting using a public key while connecting using a password works fine. To add a public key for incoming connections, add the following line to ~/.ssh/authorized_keys
on the server (create the file if it doesn't exist):
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Note that this:
- Starts with
ssh-rsa
- Has no line breaks in the middle of it (remove them if present)
- Should be the public key (should start with
AAAAB3
) you're currently using (replace it with the new one if you've generated a new one)
edited Apr 2 '17 at 14:46
answered Apr 2 '17 at 14:33
Chai T. RexChai T. Rex
4,17711536
4,17711536
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the commandsudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.
– KV-2
Apr 2 '17 at 14:38
OK, I've added how to add the public key to~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.
– Chai T. Rex
Apr 2 '17 at 14:47
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
add a comment |
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the commandsudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.
– KV-2
Apr 2 '17 at 14:38
OK, I've added how to add the public key to~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.
– Chai T. Rex
Apr 2 '17 at 14:47
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the command
sudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.– KV-2
Apr 2 '17 at 14:38
It only says network error when I try to log in with the key. If I use log in with the password it works without any problem and when I issue the command
sudo service ssh status
it says it is active and running. I haven't changed port ethier, it's the standard port 22. I don't really know what to do.– KV-2
Apr 2 '17 at 14:38
OK, I've added how to add the public key to
~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.– Chai T. Rex
Apr 2 '17 at 14:47
OK, I've added how to add the public key to
~/.ssh/authorized_keys
, which is the default way to add a public key for use with inbound SSH connections. Note that this won't work if the user's home directory is encrypted.– Chai T. Rex
Apr 2 '17 at 14:47
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
+1 For this detailed explanation. OP is fighting with SSH couple of days, so I made something like a step-by-step manual.
– pa4080
Apr 2 '17 at 16:05
add a comment |
This is a bit different format of the keys. Proper way to convert one to the other is to use ssh-keygen
:
ssh-keygen -i -f /path/to/public.key
The result for your key looks like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Therefore on the single line with key identifier ssh-rsa
, instead of the one you used. Also the newlines matter (there can be none).
add a comment |
This is a bit different format of the keys. Proper way to convert one to the other is to use ssh-keygen
:
ssh-keygen -i -f /path/to/public.key
The result for your key looks like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Therefore on the single line with key identifier ssh-rsa
, instead of the one you used. Also the newlines matter (there can be none).
add a comment |
This is a bit different format of the keys. Proper way to convert one to the other is to use ssh-keygen
:
ssh-keygen -i -f /path/to/public.key
The result for your key looks like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Therefore on the single line with key identifier ssh-rsa
, instead of the one you used. Also the newlines matter (there can be none).
This is a bit different format of the keys. Proper way to convert one to the other is to use ssh-keygen
:
ssh-keygen -i -f /path/to/public.key
The result for your key looks like this:
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAx+KoPhVxfBrnN8cFb+hG9MveY0cfNpn9mAcNhsfkEvxeG2EqLRYtaXUBXPgl3uILvXYbqG7HSBq/kZe/AICn/aK89rCGAozEepdeaYmy9EtmfPU8pFgTrgMils8X6b5kPPxCBZ2pfeL/q4SUke+/xpV1x98py6PHM8VmJaBciqvaa89QLvWf3IUuxm7798WvGUPlSMtuE2wnYsyJ4W65nBCs4PCROpaPmcmqiP0VF+Vm5vC3W/F00PC1w3R3BMdDoS2VJj7jQTR1Ralbn9cM185/pZY8lvkX4lEQMJvvwRM1Oy/g+J7+RbPR/XTrrRmKQq5mnWU0ICV5qvTnsc+Lyw==
Therefore on the single line with key identifier ssh-rsa
, instead of the one you used. Also the newlines matter (there can be none).
answered Apr 1 '17 at 16:44
JakujeJakuje
5,31471831
5,31471831
add a comment |
add a comment |
Install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:
sudo apt-get install openssh-server
Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:
sudo service ssh start
Port number 22 is default. To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:
sudo nano /etc/ssh/sshd_config
Remove the "#" from the sshd_config file, which is prefixed to Port 22
New contributor
add a comment |
Install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:
sudo apt-get install openssh-server
Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:
sudo service ssh start
Port number 22 is default. To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:
sudo nano /etc/ssh/sshd_config
Remove the "#" from the sshd_config file, which is prefixed to Port 22
New contributor
add a comment |
Install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:
sudo apt-get install openssh-server
Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:
sudo service ssh start
Port number 22 is default. To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:
sudo nano /etc/ssh/sshd_config
Remove the "#" from the sshd_config file, which is prefixed to Port 22
New contributor
Install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:
sudo apt-get install openssh-server
Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:
sudo service ssh start
Port number 22 is default. To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:
sudo nano /etc/ssh/sshd_config
Remove the "#" from the sshd_config file, which is prefixed to Port 22
New contributor
New contributor
answered 9 hours ago
Rajeshwar KRajeshwar K
1
1
New contributor
New contributor
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f899188%2fnetwork-error-connection-refused-putty%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Ok, you are have customized your
/etc/ssh/sshd_config
and at the moment it is running but not listen to any port:#Port 2222
. Also it listen only to IP address192.168.1.20
. At first look, this could be the reason why our test (ssh $USER@localhost
which meansssh current-user-name@127.0.0.1 -p 22
) doesn't pass. So just for the test change these two lines like this:Port 22
and#ListenAddress 192.168.1.20
- it will listen to any IP to port 22. Restart the service:sudo systemctl restart ssh.service
(orsudo service ssh restart
), and try to connect again:ssh $USER@localhost
.– pa4080
Apr 3 '17 at 18:48
Also this line is incorrect:
AuthorizedKeysFile ~/.ssh/authorized_keys
. It must be:AuthorizedKeysFile %h/.ssh/authorized_keys
. Here you are, how/etc/ssh/sshd_config
looks by default in Ubuntu Server 16.04.1.– pa4080
Apr 3 '17 at 19:11
Ok, I will make these changes later today and report back how the test went.
– KV-2
Apr 4 '17 at 7:14
I have now done the changes in the sshd_config file, restarted the ssh service and executed
ssh peter@PM-server
. I got this outputssh: connect to host pm-server port 22: Connection refused
.– KV-2
Apr 4 '17 at 14:34
I think there is something wrong in
/etc/ssh/sshd_config
. Please try to use the original configuration that I shared - just copy and paste all lines in yoursshd_config
file. Then use this command:sudo sshd -T
to do a quick test of the syntax of the configuration file.– pa4080
Apr 4 '17 at 14:56