Linux SSH Connection Refused — Port 22
About Linux SSH Connection Refused
SSH 'Connection refused' on port 22 means the SSH server is not running, the port is blocked, or SSH is configured on a different port.
This article is part of our Linux Error Codes collection on Error Codes Wiki.
Quick Answer
What is the difference between 'refused' and 'timed out'?
Refused means the server actively rejected the connection (nothing listening on port 22). Timed out means a firewall silently dropped the packets.
Overview
SSH 'Connection refused' on port 22 means the SSH server is not running, the port is blocked, or SSH is configured on a different port.
Key Details
- TCP connection to port 22 is actively refused by the target
- Different from 'Connection timed out' which means the port is filtered/blocked
- The SSH daemon (sshd) must be running on the target machine
- Firewall rules may block port 22 even if sshd is running
- SSH may be configured on a non-standard port for security
Common Causes
- SSH server (sshd) not installed or not running
- Firewall (iptables/nftables/ufw) blocking port 22
- SSH configured on a non-standard port
- TCP Wrappers (/etc/hosts.deny) blocking the client IP
- SELinux policy blocking SSH connections
Steps
1. Check if sshd is running: systemctl status sshd (or ssh on Debian/Ubuntu)
2. Start SSH: sudo systemctl start sshd && sudo systemctl enable sshd
3. Check firewall: sudo ufw status or sudo iptables -L -n | grep 22
4. Allow SSH through firewall: sudo ufw allow 22 or sudo firewall-cmd --add-service=ssh --permanent && sudo firewall-cmd --reload
5. Check SSH port: grep Port /etc/ssh/sshd_config, then connect with ssh -p PORT user@host
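The grep Port check in the last step also matches commented defaults such as #Port 22 and unrelated keywords such as GatewayPorts. The script below is an added example, not part of the original page: a hypothetical helper, sshd_ports, lists the ports that a single sshd_config-style file actually names. It assumes Include directives are not in use, and the sample configuration is constructed.

```sh
#!/bin/sh
# Added example: list the ports an sshd_config-style file tells sshd to bind.
# A bare `grep Port` also matches commented defaults ("#Port 22") and other
# keywords (GatewayPorts); this parser ignores both.
# Assumption: a single file is read; Include directives are not followed.

sshd_ports() {  # usage: sshd_ports FILE -> one port per line, sorted
  awk '
    { sub(/^[ \t]+/, "") }                  # drop leading whitespace
    /^#/ || /^$/ { next }                   # comment or blank line
    {
      sub(/[ \t]*=[ \t]*/, " ")             # tolerate the keyword=value form
      split($0, f, /[ \t]+/)
      key = tolower(f[1]); val = f[2]       # keywords are case-insensitive
      if (key == "port" && val ~ /^[0-9]+$/) { print val; portset = 1 }
      else if (key == "listenaddress") {
        seen = 1; tmp = val; colons = gsub(/:/, ":", tmp)
        # host:port, IPv4:port and [addr]:port carry their own port
        if (val ~ /^\[.*\]:[0-9]+$/ || (colons == 1 && val ~ /:[0-9]+$/)) {
          sub(/^.*:/, "", val); print val
        } else bare = 1                     # address only: uses Port values
      }
    }
    # No Port line: 22 applies unless every ListenAddress names a port
    END { if (!portset && (bare || !seen)) print 22 }
  ' "$1" | sort -un
}

# Constructed sample configuration (not taken from a real host)
sample_sshd_config() {
  cat <<'EOF'
#Port 22
  Port 2222
GatewayPorts no
port=2200
ListenAddress [::]:8022
ListenAddress 10.0.0.5
EOF
}

# Run against a file given on the command line, e.g. /etc/ssh/sshd_config
if [ "$#" -gt 0 ]; then sshd_ports "$1"; fi
```

If the port you are connecting to is not in the output, 'Connection refused' is expected even with sshd running and the firewall open.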