[SOLVED] Windows Terminal: "ssh: connect to host 12.3.4.56 port 22: Permission denied"

[Jhorg4]

So I have been at this for about 4 days now and there is not much out there in regards to my "Permission denied" issue but there sure are a bunch of tutorials for "Permission denied (publickey)", connection refused, etc.

I have an unused PC that I turned into a server for Minecraft. I installed Ubuntu Server 20.04.4 LTS and set it up.

I want to connect to my server with my Windows 10 PC using the Windows Terminal preferably, or PuTTY. It seemed to be as simple as installing OpenSSH Client and running the command ssh username@12.3.4.56. However, I immediately get an "ssh: connect to host 12.3.4.56 port 22: Permission denied" message.

So I installed PuTTY and tried. I received a "Network error: Permission denied" immediately after selecting open.

However, I am running Zorin OS on my laptop and I can get in the server with no problems.
All of my PCs are connected to the same network.

I have tried the following:

• (Ubuntu Server) I changed the sshd-config file by uncommenting PermitRootLogin yes, PasswordAuthentication yes (per tutorials I found), and even changed the port number from 22 to something else (setting a ufw rule to allow, of course).
• (Ubuntu Server) I set a rule to allow my Windows PC IP Address through the firewall.
• (Ubuntu Server) I checked the service status of SSH, making sure Ubuntu and SSH were completely updated, restarted SSH, and created a root account and password as well.
• (Ubuntu Server) I reinstalled OpenSSH.
• (Ubuntu Server) I reset the firewall.
• (Windows 10) I have the OpenSSH Client installed on my PC.
• (Windows 10) I turned off my antivirus and firewall.
• (Windows 10) I created inbound and outbound rules for port 22 via Windows Firewall.
• (Network) I restarted my router.

Debug Log

C:\WINDOWS\system32>ssh -vvv username@12.3.4.56
OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2
debug3: Failed to open file:C:/Users/joshu/.ssh/config error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_config error:2
debug2: resolve_canonicalize: hostname 12.3.4.56 is address
debug2: ssh_connect_direct
debug1: Connecting to 12.3.4.56 [12.3.4.56] port 22.
debug3: finish_connect - ERROR: async io completed with error: 10013, io:000001AF8F3FDFB0
debug1: connect to address 12.3.4.56 port 22: Permission denied
ssh: connect to host 12.3.4.56 port 22: Permission denied

My Ubuntu Server is using "OpenSSH_8.2p1 Ubuntu-4ubuntu0.4, OpenSSL 1.1.1f 31 Mar 2020".

I am at a loss of what to do from here. I am just wondering what I may be missing. I created a .ssh folder and .ssh folder since they were not there. I am not sure how to create a ssh_config file and what would I need to put in there for my Windows PC to securely connect to my server.

Any help would be greatly appreciated!

 

[kanewolf]

Start simple and see if you can get telnet to work. You are on your LAN only, so there is no significant risk in having telnet running on your server. You can always disable telnet after you have tested.

 

[Jhorg4]

Never heard of Telenet, but wow it's old. I just watched Star Wars on it, how crazy is that.

When using Telenet to connect to my server I get the following: Connecting To 12.3.4.56...Could not open connection to the host, on port 22: Connect failed.

Then, I try to do my own PC and I get the same thing: Connecting To localhost...Could not open connection to the host, on port 22: Connect failed.

Then, I tried my server and it is open and connected. However, I have set rules to only allow my PC and another through the firewall using ufw. I just had the port completely open beforehand and that didn't change a thing.

I have a specific inbound and outbound rule in my Windows firewall that allows port 22 TCP. I even disabled my antivirus to check.

I am at a complete loss.

 

[kanewolf]

Never heard of Telenet, but wow it's old. I just watched Star Wars on it, how crazy is that.

When using Telenet to connect to my server I get the following: Connecting To 12.3.4.56...Could not open connection to the host, on port 22: Connect failed.

Then, I try to do my own PC and I get the same thing: Connecting To localhost...Could not open connection to the host, on port 22: Connect failed.

Then, I tried my server and it is open and connected. However, I have set rules to only allow my PC and another through the firewall using ufw. I just had the port completely open beforehand and that didn't change a thing.

I have a specific inbound and outbound rule in my Windows firewall that allows port 22 TCP. I even disabled my antivirus to check.

I am at a complete loss.

Telnet is on port 23, SSH is on 22.
If you are using Putty, you should just be able to set the protocol to "Other" and the pulldown to Telnet. That should pick port 23 automatically.

 

[Jhorg4]

If you are using Putty, you should just be able to set the protocol to "Other" and the pulldown to Telnet. That should pick port 23 automatically.

I actually did that. I forgot to mention it. I tried port 23 via Telnet and it still brought up a connect failed.

PuTTY just gave me a Network error: permission denied.

 

[Cj-tech]

However, I am running Zorin OS on my laptop and I can get in the server with no problems.

Did you have to setup rules in UFW to allow this connection to be made?

(Ubuntu Server) I set a rule to allow my Windows PC IP Address through the firewall.

I’ve gone through the same process to setup a Minecraft server, except it was Ubuntu Desktop instead of Ubuntu Server. Does your UFW rule look like this?

# Comment: Allow from a specific IP to a specific port
sudo ufw allow from 192.168.1.1 to any port 22

# Comment: Allow from all IP addresses in the network to a specific port
sudo ufw allow from 192.168.1.1/24 to any port 22

After updating rules, it’s a best practice to run sudo ufw reload. Out of curiosity, what do the current firewall rules look like? If you don’t mind, you can run sudo ufw status and post the results here.

 

[Jhorg4]

Did you have to setup rules in UFW to allow this connection to be made?

No, I did not. I didn't even enable ufw before trying to connect with my laptop. I can connect with my linux laptop easy peasy.

Status: active

To Action From
-- ------ ----
22/tcp ALLOW 12.3.4.56
22/tcp ALLOW 12.3.4.56

I did similar rules but to TCP instead. I have tried out many rules.

So you set up your server on Ubuntu Desktop and connected to it with your Windows PC? I see everyone doing it so easy but I have to have the issues lol.

My Windows firewall and antivirus was even turned off and I still could not connect to my server.

I then did a fresh install of Ubuntu Server and started from scratch.

Thank you for the help.

 

[Jhorg4]

I think I know what the issue may be. I have NordVPN and they have a firewall that blocks ports. I installed Nord on my linux laptop and then I could not connect until I added a whitelist rule.

I will try and add the server's subnet to the whitelist tomorrow and then leave an update.

 

[Cj-tech]

So you set up your server on Ubuntu Desktop and connected to it with your Windows PC? I see everyone doing it so easy but I have to have the issues lol.

My Windows firewall and antivirus was even turned off and I still could not connect to my server.

I installed the desktop version because I wanted to use the computer for multiple purposes. Some of the software that I like only has a GUI. I used Putty and never had to manually change any firewall settings.

I think I know what the issue may be. I have NordVPN and they have a firewall that blocks ports. I installed Nord on my linux laptop and then I could not connect until I added a whitelist rule.

That VPN sounds like it is the problem. You can also try to temporarily disable UFW and see if you can connect to it then. That would rule out the Ubuntu Server laptop as the issue.

 

[Jhorg4]

You can also try to temporarily disable UFW and see if you can connect to it then. That would rule out the Ubuntu Server laptop as the issue.

Yep, I have done that. I even tried connecting to it after the fresh install before I enabled ufw.

Yesterday, I disabled SSH and then checked the status of SSH to confirm it was inactive. I saw a log "Accepted password for username from 12.3.4.56 port #". That's my windows IP and I never got the chance to enter a password. It sounds like my Windows PC is refusing to connect so thankfully I found out about the NordVPN firewall is the most likely cause, hopefully.

NordVPN is down so I cannot access the settings to whitelist. A bit frustrating.

 

[Jhorg4]

Nord finally returned to a normal state, I logged in, changed some settings that have been collecting dust, and Nord was indeed the culprit. I should've just pursued Nord instead of brushing it off, such an easy and quick fix. Thanks for the help!