Troubleshooting
Problem
Establishing SSH connections between the Console and a Managed Host could return error messages that indicate issues with the network, NICs, firewall, or hosts that are down. This article provides an overview of errors like "No route to host", "Connection timed out", and "Connection refused".
Symptom
Trying to establish an SSH connection from the Console to a Managed Host fails with a similar error:
ssh: connect to host 192.0.2.11 port 22: No route to host
ssh: connect to host 192.0.2.11 port 22: Connection timed out
ssh: connect to host 192.0.2.11 port 22: Connection refused
ssh: connect to host 192.0.2.11 port 22: Connection reset by peer
Cause
There are several potential reasons why the SSH session could not be established:
- A firewall is blocking port 22.
- The managed host is powered off.
- The managed host has NIC issues, for example, IP address misconfiguration, NIC down, and so on.
- The managed host cannot be reached due to network configuration issues, for example, routing.
- The SSH service is not running on the managed host.
- The SSH negotiation fails.
Diagnosing The Problem
Administrators use the telnet command to validate whether the network is blocking the connection to the remote host:
The following examples show what a good SSH connection looks like:
ssh <Remote_IP>
Last login: Thu Jun 8 09:47:17 2023 from X.X.X.X
This server was upgraded to QRadar <version>.
[root@remoteHost ~]#
The administrator validated the SSH connectivity and can proceed with the Resolving The Problem section.
Resolving The Problem
To resolve the SSH connection issue, see the explanation under the connection message that matches the error.
SSH connection message: Connection timed out
[root@console ~]# telnet 192.168.0.77 22
Trying 192.168.0.77...
telnet: connect to address 192.168.0.77: Connection timed out.
Explanation
The "timed out" message is mostly related to a firewall silently dropping the connection without sending a response back. Validate with your respective network administrator.
SSH connection message: Connection refused
[root@console ~]# telnet 192.168.0.77 22
Trying 192.168.0.77...
telnet: connect to address 192.168.0.77: Connection refused.
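Explanation
The "connection refused" message is mostly related to a firewall actively blocking port 22. Validate with your respective network administrator. A refusal is also returned when nothing is listening on port 22, for example when the SSH service is not running on the managed host.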
SSH connection message: No route to host
[root@console ~]# telnet 192.168.0.77 22
Trying 192.168.0.77...
telnet: connect to address 192.168.0.77: No route to host
Explanation
The "no route to host" message means that the remote host is not reachable. The "no route" message shows up when the remote host is down or the network has no access to it.
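The script below is an added example, not part of the original article or vendor code. It repeats the port 22 check without a telnet client by using bash's /dev/tcp, then maps the resulting error to the explanations above. The function names, the default 5-second wait, and the sample invocation are assumptions.

```sh
#!/bin/sh
# Added example, not vendor code. Host, port and wait time are caller-supplied assumptions.

# Map an error line from ssh, telnet or probe_ssh to the explanations in this article.
classify_error() {
    case "$1" in
        *"Connection timed out"*)
            echo "timed-out: a firewall is probably dropping the packets without replying" ;;
        *"Connection refused"*)
            echo "refused: port 22 actively rejected (firewall rule, or SSH service not running)" ;;
        *"No route to host"*)
            echo "no-route: host is down or the network has no path to it" ;;
        *"Connection reset by peer"*)
            echo "reset: connection opened, then closed by the remote side" ;;
        *)
            echo "unknown: $1" ;;
    esac
}

# Open a TCP connection with bash's /dev/tcp and wait for the banner line
# that an SSH server sends first ("SSH-2.0-...").
probe_ssh() (
    host=$1; port=${2:-22}; wait=${3:-5}
    rc=0
    out=$(timeout "$((wait * 2))" bash -c '
        exec 3<>"/dev/tcp/$1/$2" || exit 1
        IFS= read -r -t "$3" banner <&3 || { echo "connected, but no banner"; exit 0; }
        printf "%s\n" "$banner"' probe "$host" "$port" "$wait" 2>&1) || rc=$?
    # timeout(1) exits 124 when the connect attempt never completed.
    if [ "$rc" -eq 124 ]; then
        out="Connection timed out"
    fi
    out=$(printf '%s' "$out" | tr -d '\r')
    case "$out" in
        SSH-*) echo "ok: SSH service answered with $out" ;;
        *)     classify_error "$out" ;;
    esac
)

# Run a probe only when a host is given, for example: sh probe.sh 192.0.2.11 22
if [ "$#" -gt 0 ]; then
    probe_ssh "$@"
fi
```

An "ok" result means the TCP path and the SSH service are both working, so any remaining failure lies in the SSH negotiation or authentication rather than in the network.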
Document Location
Worldwide
Document Information
Modified date: 22 February 2024
UID: ibm10960870