View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions SSH is not working in Ubuntu 14.04
Log in to Ask a Question

SSH is not working in Ubuntu 14.04

networking

Hi,

I installed a preexisting ubuntu VM from VirtualBox to linode and I can access it using Lish console from the Linode manager but I cannot do ssh to it remotely. It says - "ssh: connect to host xxxxx port 22: Connection timed out". I can do ssh to the IP address for the linode in rescue mode but if I reboot it in normal mode ssh does not work. I have double checked all the configuration files and everything seems fine to me according to my knowledge. Please let me know what I should do to resolve the issue. I can attach screenshots if you need any.

Thanks in advance,

Sharoz

7 Replies

Please paste the output of the following commands:

ip addr show
ip route show table all
ip neigh show nud all
cat /etc/network/interfaces
iptables-save

It'll be easiest to copy/paste using Lish via SSH. When pasting them into the forum, please paste them inside code blocks, so they're easier to read.

The output of 'ip addr show' is:

1: lo: <loopback,up,lower_up>mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: dummy0: <broadcast,noarp>mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 4e:85:67:66:c6:0b brd ff:ff:ff:ff:ff:ff
3: eth0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 4e:85:67:66:c6:0b brd ff:ff:ff:ff:ff:ff
3: eth0: <broadcast,multicast,up,lower_up>mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether f2:3c:91:59:96:19 brd ff:ff:ff:ff:ff:ff
    inet 50.116.49.215/24 brd 50.116.49.255 scope global eth0
       valid_lft forever preferred_lft forever
4: teql0: <noarp>mtu 1500 qdisc noop state DOWN group default qlen 100
    link/void
5: tunl0@NONE: <noarp>mtu 1480 qdisc noop state DOWN group default qlen 1
    link/ipip 0.0.0.0 brd 0.0.0.0
6: gre0@NONE: <noarp>mtu 1476 qdisc noop state DOWN group default qlen 1
    link/gre 0.0.0.0 brd 0.0.0.0
7: gretap0@NONE: <broadcast,multicast>mtu 1462 qdisc noop state DOWN group default qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
8: ip_vti0@NONE: <noarp>mtu 1428 qdisc noop state DOWN group default qlen 1
    link/ipip 0.0.0.0 brd 0.0.0.0
9: ip6_vti0@NONE: <noarp>mtu 1500 qdisc noop state DOWN group default qlen 1
10: sit0@NONE: <noarp>mtu 1480 qdisc noop state DOWN group default qlen 1
    link/sit 0.0.0.0 brd 0.0.0.0
11: ip6tnl0@NONE: <noarp>mtu 1452 qdisc noop state DOWN group default qlen 1
    link/tunnel6 :: brd ::
12: ip6gre0@NONE: <noarp>mtu 1448 qdisc noop state DOWN group default qlen 1
    link/gre6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 brd 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00</noarp></noarp></noarp></noarp></noarp></broadcast,multicast></noarp></noarp></noarp></broadcast,multicast,up,lower_up></broadcast,multicast,up,lower_up></broadcast,noarp></loopback,up,lower_up>

The output of 'ip route show table all' is:

default via 50.116.49.1 dev eth0
50.116.49.0/24 dev eth0  proto kernel  scope link  src 50.116.49.215
broadcast 50.116.49.0 dev eth0  table local  proto kernel  scope link  src 50.116.49.215
local 50.116.49.215 dev eth0  table local  proto kernel  scope host  src 50.116.49.215
broadcast 50.116.49.255 dev eth0  table local  proto kernel  scope link  src 50.116.49.215
broadcast 127.0.0.0 dev lo  table local  proto kernel  scope link  src 127.0.0.1
local 127.0.0.0/8 dev lo  table local  proto kernel  scope host  src 127.0.0.1
local 127.0.0.1 dev lo  table local  proto kernel  scope host  src 127.0.0.1
broadcast 127.255.255.255 dev lo  table local  proto kernel  scope link  src 127.0.0.1
unreachable default dev lo  table unspec  proto kernel  metric 4294967295  error -101
unreachable default dev lo  table unspec  proto kernel  metric 4294967295  error -101

The output of 'ip neigh show nud all' is:

50.116.49.3 dev eth0 lladdr 84:78:ac:57:a8:41 STALE
50.116.49.1 dev eth0 lladdr 00:00:0c:9f:f0:11 REACHABLE
127.0.0.1 dev lo lladdr 00:00:00:00:00:00 NOARP

The output of 'cat /etc/network/interfaces' is:

# A backup of the previous config is at /etc/network/.interfaces.linode-last
# A backup of the original config is at /etc/network/.interfaces.linode-orig
#
# /etc/network/interfaces

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet static
    address 50.116.49.215/24
    gateway 50.116.49.1
    dns-nameservers 203.0.113.1 203.0.113.2 203.0.113.3
    dns-search members.linode.com
    dns-options rotate

# This is an autoconfigured IPv6 interface
iface eth0 inet6 auto

There is no output for 'iptables-save' command.

Thanks,

Sharoz

@smirza:

There is no output for 'iptables-save' command.

iptables-save needs to be run as root or with sudo (annoyingly it doesn't complain when it doesn't have privileges to do what it needs to work).

The output of 'sudo iptables-save' is:

# Generated by iptables-save v1.4.21 on Wed Dec 21 10:22:28 2016
*security
:INPUT ACCEPT [1189:811908]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1919:864721]
COMMIT
# Completed on Wed Dec 21 10:22:28 2016
# Generated by iptables-save v1.4.21 on Wed Dec 21 10:22:28 2016
*raw
:PREROUTING ACCEPT [1191:811992]
:OUTPUT ACCEPT [1919:864721]
COMMIT
# Completed on Wed Dec 21 10:22:28 2016
# Generated by iptables-save v1.4.21 on Wed Dec 21 10:22:28 2016
*nat
:PREROUTING ACCEPT [25:1099]
:INPUT ACCEPT [23:1015]
:OUTPUT ACCEPT [276:19273]
:POSTROUTING ACCEPT [276:19273]
COMMIT
# Completed on Wed Dec 21 10:22:28 2016
# Generated by iptables-save v1.4.21 on Wed Dec 21 10:22:28 2016
*mangle
:PREROUTING ACCEPT [1191:811992]
:INPUT ACCEPT [1191:811992]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1919:864721]
:POSTROUTING ACCEPT [1919:864721]
COMMIT
# Completed on Wed Dec 21 10:22:28 2016
# Generated by iptables-save v1.4.21 on Wed Dec 21 10:22:28 2016
*filter
:INPUT ACCEPT [13:607]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [454:91208]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -s 127.0.0.1/32 -p tcp -m state --state NEW -m tcp --dport 1099 -j ACCE
PT
-A INPUT -s 127.0.0.1/32 -p tcp -m state --state NEW -m tcp --dport 3306 -j ACCE
PT
# Completed on Wed Dec 21 10:22:28 2016
# Generated by iptables-save v1.4.21 on Wed Dec 21 10:22:28 2016
*filter
:INPUT ACCEPT [13:607]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [454:91208]
:fail2ban-ssh - [0:0]
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT                                                       OP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 3873 -j DROP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 8009 -j DROP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 1098 -j DROP
-A INPUT ! -s 127.0.0.1/32 -p tcp -m state --state NEW -m tcp --dport 1099 -j DROP
-A INPUT ! -s 127.0.0.1/32 -p tcp -m state --state NEW -m tcp --dport 3306 -j DROP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 34987 -j DROP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 80 -j DROP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 8083 -j DROP
-A INPUT ! -s 128.0.0.0/8 -p tcp -m state --state NEW -m tcp --dport 22 -j DROP
-A fail2ban-ssh -j RETURN
COMMIT
# Completed on Wed Dec 21 10:22:28 2016

Your firewall rules don't appear to allow anything other than localhost to connect. The easiest way to fix that would be to flush them (sudo iptables -F) so that you can connect via SSH normally, and then configure them properly. This guide will be helpful in setting things up properly.

I just managed to connect with the VM successfully via ssh. Also, I'll configure the settings using the guide. I am not very experienced in networking. I may ask you questions if

I face any problem. Thank you very much for your help.

I am also having another problem - apache2 is giving me an error "The apache2 instance did not start within 20 seconds. Please read the log files to discover problems" during booting of the VM. I tried to restart apache2 from the VM using "sudo service apache2 restart" command and I get the same error. Would you be able to help me with this?

The output of "sudo netstat -lnpt" is in the following code section.

tcp        0      0 0.0.0.0:46681           0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      4677/apache2
tcp        0      0 0.0.0.0:4444            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:4445            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:4446            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 127.0.0.1:3873          0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:8009            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:41065           0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:1098            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      3793/mysqld
tcp        0      0 0.0.0.0:1099            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:41103           0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4677/apache2
tcp        0      0 0.0.0.0:8083            0.0.0.0:*               LISTEN      4292/java
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      4855/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      4855/sshd

Thanks,

Sharoz

I fixed the apache2 issue. Thanks again for your help.

Sharoz

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct