Bobcares

Problem with SFTP connection refused in Linux? Right solution for you

by | May 2, 2019

For website owners, SFTP is one of the ways to transfer files securely in Linux servers.

But at times, due to the misconfiguration of the ssh_config file, firewall blocking port 22 connection and failed ssh service on the server you may get an error like,

ssh: connect to host x.x.x.x port 22: Connection refused

At Bobcares, we help our customers to resolve such SFTP connection refused error in Linux as part of our Server Management Services.

Today, we’ll discuss the top 4 reasons for this error and how our Support Engineers fix them.

SFTP connection refused error – Why & how we fix?

SFTP connection refused is a network error when connecting to the server and you get the error like:

ssh: connect to host myserver port 22: Connection refused

There are several reasons on why the SFTP connection refused error happens and we’ll see how our Support Engineers fix them.

 

1. Misconfiguration in ssh_config file

In most of the cases, this SFTP connection refused error occurs due to bad settings in the ssh_config file. Recently, one of our customers changed the settings in the ssh_config file and changed the root ownership. And, when he attempted login it resulted in SFTP connection refused error.

For proper working, ChrootDirectory should be owned by root. So, when sshd checks the ChrootDirectory it refuses to allow login and causes a security problem. Thus, results in a connection refused error.

To solve this problem we need to configure OpenSSH that uses SFTP subsystem and chroot.

We executed the steps mentioned below.

1. We edited the /etc/ssh/sshd_config file by adding the following code.

Subsystem sftp internal-sftp
Match group sftponly
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

2. Then we restarted the service.

 

2. Firewall blocks port 22

Similarly, SFTP connection refused error happens when the firewall doesn’t allow the connection to port 22. SFTP uses secure port 22 instead of normal FTP port 21. When you want to connect to port 22 it should have an entry in /etc/ssh/sshd_config file and the firewall should allow the connection to port 22. Otherwise, your connection will get refused and results in an error like "ssh: connect to host my server port 22: Connection refused".

So, to fix this error our Support Engineers perform the necessary steps as shown below.

1. First, we edit /etc/ssh/sshd_config file to listen on port 22.

2. We make sure that there is no # in front of the port number.

3. We run the command netstat | grep 22 to check the port is connected.

4. Next, we allow port 22 in the firewall by executing the command:

ufw allow 22

5. Then we restart the service and that fixes the problem.

 

3. Improper installation of SSH on the server.

Often SFTP error arises when ssh is not properly installed on the server. So, when you try to connect to SFTP server it always gives error “ssh: connect to host x.x.x.x port 22: Connection refused“.

In Linux servers, we check and make sure that SSH is installed properly by executing the command

dpkg --get-selections | grep ssh

If there is an error, then we install it correctly by running the command:

apt-get install openssh-server

Finally, we restart the service and ensure that the user could connect to SFTP server without any failure.

 

4. Incorrect port in FTP client

For instance in Filezilla, to securely connect via SFTP you need to provide the hostname and port correctly. However, we’ve seen instances where users use SFTP connection, but fail to provide the correct SFTP port in the FTP client configuration.

Although FTP port is 21 and SFTP port is 22, to connect SFTP server via FTP client correct port should be given in the port field as shown below.

That’s how our Support Engineers fixed the problem and the user could connect to SFTP server without any error.

 

[Having trouble with SFTP connection refused error? We’ll fix it for you.]

 

 

Conclusion

In short, “SFTP connection refused” error happens due to the misconfiguration of the ssh_config file, the firewall blocking port 22 connection and much more. Today, we saw the top 4 reasons for this error and how our Support Engineers fixed them.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF