Hosting + Ai Website Builder + Free Domain (3 Month Free Credit)
Shop Today

How to Fix SSH on Linux Server: Complete Troubleshooting Guide

SSH (Secure Shell) is an essential protocol used for securely connecting to remote Linux servers. It provides administrators with the ability to manage servers, execute commands, and transfer files remotely. Administrators may need to fix SSH issue in Linux when problems arise that disrupt remote access to the server, making it a critical issue to resolve quickly.

In this article, we will walk you through common SSH issues on Linux servers and provide step-by-step solutions to help you fix SSH problems. From service failures to connection timeouts, we’ll cover troubleshooting techniques, configuration fixes, and optimization tips to restore SSH access to your server.

Preliminary Steps Before Fixing SSH

Preliminary Steps Before Fixing SSH

Before jumping into detailed solutions, it’s important to ensure that the SSH service is installed correctly and that the server is accessible.

Checking SSH Logs

The first step in troubleshooting SSH issues is to check the SSH logs. These logs provide valuable information about failed login attempts, service errors, or permission issues. The logs are typically located in /var/log/auth.log or /var/log/secure:

sudo cat /var/log/auth.log  # For Debian-based systems
sudo cat /var/log/secure # For RHEL-based systems

Look for any error messages that might provide clues about the problem.

Ensuring SSH is Installed

Ensure that the SSH server (usually OpenSSH) is installed on your Linux system. You can verify its installation by running:

ssh -V

If SSH is not installed, you can install it using the package manager:

sudo apt-get install openssh-server  # For Debian-based systems
sudo yum install openssh-server # For RHEL-based systems

Checking SSH Service Status

Before attempting to fix SSH, check if the SSH service is running. Use the following command to check its status:

sudo systemctl status ssh

If SSH is not running, try restarting the service:

sudo systemctl restart ssh

If there’s a problem starting the service, you may need to investigate further.

Identifying Common SSH Issues

There are several common SSH issues that can arise on Linux servers. Let’s go over some of the most frequent problems and their causes.

  • SSH Service Not Starting

Sometimes, the SSH service may fail to start due to configuration errors, corrupted files, or missing dependencies. This issue can prevent you from connecting to the server remotely. To identify the problem, check the logs for errors or service failures.

  • Connection Timeouts

A connection timeout typically occurs when the server doesn’t respond to your connection request. This issue may be caused by a network problem, firewall rules blocking SSH, or a misconfigured SSH server.

  • Authentication Failures

SSH authentication failures are often caused by incorrect usernames, passwords, or SSH key issues. It’s essential to confirm that the credentials you’re using are correct and that SSH key authentication is configured properly.

  • Permission Denied Errors

Permission denied errors may occur if the user does not have the appropriate access rights to log in via SSH. This can also happen if the SSH configuration file is not set up correctly or if the user’s permissions on their home directory or SSH key files are incorrect.

Fixing SSH on Linux: Step-by-Step Solutions

Once you’ve identified the issue, follow the steps below to fix SSH on your Linux server.

Restarting SSH Services

A simple restart can resolve many SSH issues. To restart the SSH service, run:

sudo systemctl restart ssh  # For systemd-based systems
sudo service ssh restart # For older init.d systems

After restarting, verify the status of the SSH service:

sudo systemctl status ssh

Ensure that the service is running and no errors are reported.

Fixing SSH Configuration Files

Misconfigurations in the SSH server configuration file (/etc/ssh/sshd_config) can prevent SSH from working correctly. Check the configuration for any syntax errors or incorrect settings. Common issues include disabled root login, incorrect PermitRootLogin settings, or misconfigured AllowUsers directives.

To test the SSH configuration for errors, run:

sudo sshd -t

If any errors are found, correct them and restart the SSH service:

sudo systemctl restart ssh

Fixing Connection Timeouts

If SSH connections are timing out, the problem could be related to firewall settings, network issues, or SSH server configurations.

  • Check Firewall Settings:

Make sure that port 22 (default SSH port) is open on the server’s firewall.

For UFW (Uncomplicated Firewall), run:

sudo ufw allow 22/tcp

For iptables, use:

sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
  • Check Network Settings:

Ensure that no network issues are preventing the server from accepting SSH connections. Check if the server is reachable by using ping:

ping your-server-ip

Also, verify that the server’s IP address is correctly configured and accessible.

Check Out | Why Understand SSH on Linux? Secure Access Explained

Fixing Authentication Failures

Authentication issues can occur due to incorrect passwords or issues with SSH keys. To resolve authentication failures:

  • Verify Username and Password:

Ensure that you are using the correct username and password. If you’re using password authentication, ensure that the PasswordAuthentication directive in the /etc/ssh/sshd_config file is set to yes:

PasswordAuthentication yes
  • Verify SSH Keys:

If you are using SSH key authentication, ensure that the public key is properly added to the ~/.ssh/authorized_keys file on the server. Also, check that the private key is correctly configured on the client machine. Ensure that the permissions for the .ssh directory and the authorized_keys file are correct:

chmod 700 ~/.ssh chmod 600 ~/.ssh/authorized_keys
  • Check SSH Agent:

If you are using SSH keys with an SSH agent, ensure that the agent is running and the correct key is loaded. You can check the keys loaded into the SSH agent with:

ssh-add -l

If the key is not listed, add it:

ssh-add /path/to/your/private_key

Resolving Permission Denied Errors

If you’re receiving a “Permission Denied” error when trying to log in, it could be due to incorrect file permissions or user access settings. Follow these steps to resolve the issue:

  • Check File Permissions:

Ensure that the user’s home directory and .ssh folder have the correct permissions. For example:

sudo chown -R user:user /home/user/.ssh 
sudo chmod 700 /home/user/.ssh 
sudo chmod 600 /home/user/.ssh/authorized_keys
  • Verify sshd_config Settings:

In the SSH configuration file (/etc/ssh/sshd_config), ensure that the following settings are correct:

PermitRootLogin yes # Allow root login (or "without-password" for key-based login) AllowUsers user # Allow specific users to log in

After making any changes, restart the SSH service:

sudo systemctl restart ssh

Advanced SSH Troubleshooting

For more complex issues, you can perform advanced troubleshooting steps to fix SSH on your Linux server.

Resolving Port Conflicts

If you cannot connect to the server on the default SSH port (22), the port may be in use by another service. To check which service is using port 22, use the following command:

sudo lsof -i :22

If another service is using port 22, either stop that service or change the SSH port in the /etc/ssh/sshd_config file by modifying the Port directive:

Port 2222

After changing the port, restart SSH:

sudo systemctl restart ssh

Checking SELinux Settings

If you’re using SELinux, it may block SSH connections based on its security policies. You can temporarily disable SELinux to check if it’s the cause of the issue:

sudo setenforce 0  # Disable SELinux temporarily

If disabling SELinux resolves the issue, you can modify the SELinux policy or use semanage to allow SSH connections.

Reinstalling SSH

If SSH continues to malfunction despite troubleshooting, consider reinstalling the OpenSSH server:

sudo apt-get purge openssh-server  # For Debian-based systems
sudo yum remove openssh-server # For RHEL-based systems

Then, reinstall it:

sudo apt-get install openssh-server  # For Debian-based systems
sudo yum install openssh-server # For RHEL-based systems

Optimizing SSH for Linux Servers

After fixing SSH, it’s a good idea to optimize your server for better security and performance.

Disable Root Login

For better security, it’s recommended to disable direct root login via SSH. In the /etc/ssh/sshd_config file, set:

PermitRootLogin no

This will require users to log in with a regular account and use sudo for administrative privileges.

Use SSH Key Authentication

To improve security, use SSH key-based authentication instead of passwords. This method is more secure and reduces the risk of brute-force attacks.

Configure SSH Timeouts

To prevent idle SSH sessions from remaining open indefinitely, you can configure timeouts in the sshd_config file:

ClientAliveInterval 300
ClientAliveCountMax 0

These settings will disconnect idle sessions after 5 minutes.

Conclusion

Fixing SSH on a Linux server involves troubleshooting common issues like service failures, connection timeouts, and authentication problems. By following the steps in this guide, you can resolve most SSH-related issues and restore secure remote access to your server. Always ensure that your SSH configuration is secure and optimized, and consider using key-based authentication for better protection. Regularly monitor SSH logs and keep your system updated to avoid potential vulnerabilities.

Himanshu Joshi

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top