SSH Troubleshooting Guide: Common Issues and Solutions

SSH issues can be frustrating when trying to connect to remote servers. Let’s explore common SSH problems and their solutions to help you get back on track quickly.

Common SSH Issues

1. Connection Refused

ssh: connect to host example.com port 22: Connection refused

Solutions:

1. Verify the SSH service is running:

   sudo systemctl status ssh  # For Ubuntu/Debian
   sudo service sshd status  # For RHEL/CentOS
   

2. Check firewall settings:

   sudo ufw status  # Ubuntu
   sudo firewall-cmd --list-all  # CentOS
   

3. Confirm the correct port:

   ssh -p PORT_NUMBER user@hostname
   

2. Permission Denied

Permission denied (publickey,password)

Solutions:

1. Check key permissions:

   chmod 600 ~/.ssh/id_rsa
   chmod 644 ~/.ssh/id_rsa.pub
   

2. Verify key is added to agent:

   ssh-add ~/.ssh/id_rsa
   ssh-add -l  # List added keys
   

3. Check authorized_keys file:

   chmod 700 ~/.ssh
   chmod 600 ~/.ssh/authorized_keys
   

3. Host Key Verification Failed

WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!

Solutions:

1. Remove old key (if you trust the change):

   ssh-keygen -R hostname
   

2. Update known_hosts manually:

   ssh-keyscan -H hostname >> ~/.ssh/known_hosts
   

4. SSH Agent Issues

Solutions:

1. Start SSH agent:

   eval $(ssh-agent)
   

2. Add key permanently (add to ~/.bashrc):

   if [ -z "$SSH_AUTH_SOCK" ]; then
       eval $(ssh-agent -s)
       ssh-add
   fi
   

Best Practices

Key Management

1. Use strong key encryption:

   ssh-keygen -t ed25519 -a 100
   

2. Backup your keys:

   cp -r ~/.ssh/id_* /secure/backup/location/
   

Security Configuration

1. Disable password authentication:

   # In /etc/ssh/sshd_config
   PasswordAuthentication no
   

2. Use specific user permissions:

   # In /etc/ssh/sshd_config
   AllowUsers user1 user2
   

Performance Optimization

1. Enable connection multiplexing:

   # In ~/.ssh/config
   Host *
     ControlMaster auto
     ControlPath ~/.ssh/control:%h:%p:%r
     ControlPersist 1h
   

2. Use compression for slow connections:

   ssh -C user@hostname
   

Modern Alternatives

While SSH is powerful, modern cloud platforms offer simpler solutions. For example, Thunder Compute eliminates SSH complexity entirely, letting you directly connect to cloud instances with tnr connect.

• No key management required
• Automatic security updates
• Zero-configuration setup

Debugging Tools

1. Verbose logging:

   ssh -vvv user@hostname
   

2. Test connectivity:

   nc -zv hostname 22
   

3. Check SSH daemon logs:

   sudo tail -f /var/log/auth.log  # Ubuntu
   sudo tail -f /var/log/secure    # CentOS
   

Quick Reference

Common Error Codes

• Exit 255: Generic error
• Exit 1: Invalid command
• Exit 126: Command not executable
• Exit 127: Command not found

Essential SSH Commands

ssh-keygen          # Generate new key
ssh-copy-id         # Copy key to server
ssh-add             # Add key to agent
ssh-keyscan         # Scan host keys

Next Steps

After mastering SSH troubleshooting:

• Set up SSH config files
• Implement key rotation
• Configure bastion hosts
• Explore modern alternatives

For a hassle-free experience without SSH complexity, check out Thunder Compute where you can access your instances directly through your browser!