port 22 connection refused

Ideally, you should be using key-based authentication for SSH as it’s more secure. If you’re using password authentication, double-check the credentials to verify they’re correct.

Aside from this, the Port 22: Connection Refused error normally happens because the SSH server is down, or some SSH-related settings are misconfigured. We’ll explain what you can do in all such cases in this article.

Check SSH Server Status

Start by verifying the SSH server status.

sudo systemctl status ssh

If the service is currently inactive, start it with

sudo systemctl start ssh

In some cases, restarting the server can also help.

sudo systemctl restart ssh

These commands should work as long as the SSH server is installed. The SSH server package isn’t installed by default though, it has to be done manually. So, if you get a service could not be found error, you know what the problem is.

Finally, even when the SSH server is installed, purging and reinstalling it can sometimes fix this error.  

sudo apt purge openssh-server
sudo apt install openssh-server

Check SSH Server Configs

Next, you should verify that nothing in your SSH config files is preventing the connection from being established.

sudo nano /etc/ssh/sshd_config

For starters, check the Port directive. If you’ve uncommented it and set it to use a port other than the default (22), you must do a couple of things.

First, add a firewall rule to allow traffic through this port. Check the next section if you need help with this. Second, use the -p flag when connecting from the client and specify the used port like so 

ssh -p 746 user@remoteserver

Next, check the ListenAddress directive. The default value (0.0.0.0) means that the SSH server is listening for connections from all addresses. If you’ve modified this directive to only listen from specific IP addresses, make sure the client device’s current IP address is also included here. 

If you made any config changes, restart the server to apply them.

sudo systemctl restart ssh

Check Firewall Rules

Another possible reason for this error is that the server firewall isn’t configured to allow traffic through the SSH port. Assuming you’re using the default port, add the necessary rule like so

sudo ufw allow 22/tcp

If you’re using a different port for SSH, change the value accordingly.

Further Troubleshooting

If the error isn’t resolved so far, we’ll have to look at some uncommon but possible causes.

Test Name Resolution

First, try connecting using the remote server’s IP address instead of the hostname like so 

ssh [email protected]

If this method works, the connection was being refused due to name resolution failure. Try flushing the DNS cache.

sudo resolvectl flush-caches

If you’re unable to connect using the hostname despite clearing the DNS cache, you’ll have to change your DNS servers.

Check Hosts Files

Check the /etc/hosts.allow and /etc/hosts.deny files on the server to ensure the connection isn’t being refused due to them.

Use Debug Mode

Try connecting using the verbose flags and see if you get any useful info regarding what’s causing the error.

ssh -vvv user@remoteserver
Anup Thapa

Senior Writer

Anup Thapa is a Linux enthusiast with an extensive background in computer hardware and networking. His goal is to effectively communicate technical concepts in a simplified form understandable by new Linux users. To this end, he mainly writes beginner-friendly tutorials and troubleshooting guides. Outside of work, he enjoys reading up on a range of topics, traveling, working out, and MOBAs.