SSH connection gives timeout, was working a day ago

2

1

Here's the situation. SSH was working perfectly fine until a day ago. I didn't do anything out of the ordinary. I was able to putty into my server, use git over ssh, etc.

But now I can't do any of that. The error is persistent and common across all SSH clients and devices I use (putty, git bash, cmder, etc). The error of course is connection timeout. And here is what I have tried so far.

  • ssh -vvv mydomain.com doesn't return anything useful, just the same error after a bunch of useless stuff.
  • Tried disabling the Windows firewall (Duh). No cake.
  • Checked and made sure my server is still serving on :22. Git connection to bitbucket isn't working anymore either, mind you.
  • Tried it on a different device (my laptop). Still connection timeout. (So OS is probably not at fault here).
  • Tried resetting the router. No cake.
  • Changing the internet connection does make the problem go away.

So maybe the ISP blocked the 22 port? But it was working yesterday. And also how do I make sure the problem is on ISP's end?

Achshar

Posted 2017-08-05T21:29:32.803

Reputation: 131

Where is the server? Is it out on the Internet with a hosting provider or at your home or business? Where are the client systems? You listed "wireless-networking" as one of the tags for your post. Are the client systems you've used to attempt to connect to the SSH server using a Wi-Fi connection at your home or your business? I'm trying to get an idea of what the network path is between your client systems and the SSH server. You mentioned disabling the Windows Firewall; is that at the server end, i.e., the SSH server is running on Microsoft Windows? Does your server have a static IP address? – moonpoint – 2017-08-05T22:30:44.800

I am on a Vultr VPS. The server has a static IP, the firewall I disabled is on my own machine (which is having trouble connecting). The server's firewall I think is working fine because I can connect from some other connection. I am connecting with a broadband connection from my desktop and wifi from my laptop, using the same connection. – Achshar – 2017-08-06T09:07:01.477

Answers

1

It would be unusual for an ISP to block outgoing SSH connectivity, i.e., outgoing connections with a destination port of TCP port 22, but you can test that from one of the client systems, e.g., by using PuTTY to attempt to connect to port 22 at portquiz.net; the portquiz.net server listens on all TCP ports, allowing you to test any outbound TCP port. You should see a username and password prompt from the portquiz server.

You mentioned that you don't believe there is a problem at the server end, since you can connect to the SSH server from another location. Since firewall software can block on specific IP addresses or address ranges, you should verify that it isn't blocking on the IP address assigned to your systems by your ISP; you can visit www.whatismyip.com to determine your currently assigned external IP address. If the server is using iptables for firewall capabilities, see How To List and Delete Iptables Firewall Rules.

Usually, one wouldn't expect some firewall block to be put in place without you specifically requesting it, but if the server is running Fail2ban or some similar intrusion detection system (IDS) software, if you inadvertently mistyped your login credentials several times when attempting to log on by SSH, it is even possible that your IP address was banned from SSH connections at the server, though the ban might be a temporary one. If the server is running Fail2ban, check its log file, likely at /var/log/fail2ban.log; if the address is there you can unban the IP address.

Do you have access to the server from the client systems on other ports? E.g., if the server is functioning as a web server can you connect to port 80 and/or 443 from the client systems? Or port 25, if it is functioning as an email server. Can you ping the server from the client systems? If you don't have any access to other ports when you would expect to have such access, if there's not a block at the server of your IP address, perhaps there's a problem with network connectivity between your ISP and the server.

Wireshark is a very useful tool for troubleshooting connectivity problems. It is free and available for a variety of operating systems, including Microsoft Windows. You could install it on one of the client systems and observe the network traffic between your systems and the server. It can capture and display all network traffic between the system on which it is run and other systems; to isolate just the traffic between the client system and the server, you can configure Wireshark to filter by port number, e.g., 22, or IP address. There's also the command-line tool, WinDump, which is the equivalent of the commonly used tcpdump utility on Linux systems, but since Wireshark provides a graphical user interface (GUI), it will be easier to analyze the traffic with it. With a packet analyzer, such as Wireshark, you could determine if the client system is seeing any packets from the server or if the traffic is all one way, i.e., from the client to the server.

moonpoint

Posted 2017-08-05T21:29:32.803

Reputation: 4 432
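The outbound-port test described in the answer above can be scripted. This is an added example, not part of the original answer: it probes port 22 and a control port on several hosts and separates a block on the network path from a problem at one server. `server.example` is a placeholder for your own server, and using port 80 as the control port is an assumption.

```python
import errno
import socket

SSH_PORT = 22

def probe(host, port, timeout=5.0):
    """One TCP connect attempt: 'open', 'refused', 'timeout' or 'error:<reason>'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"          # no SYN-ACK and no RST: packets silently dropped
    except ConnectionRefusedError:
        return "refused"          # RST came back: the path works, nothing listens
    except OSError as exc:        # DNS failure, no route, etc.
        return "error:" + errno.errorcode.get(exc.errno, str(exc))

def diagnose(results):
    """results maps (host, port) -> probe() status; returns a one-line verdict."""
    ssh = {h: s for (h, p), s in results.items() if p == SSH_PORT}
    other_open = {h for (h, p), s in results.items() if p != SSH_PORT and s == "open"}
    if not ssh:
        return "no port 22 probes were made"
    if any(s == "open" for s in ssh.values()):
        bad = sorted(h for h, s in ssh.items() if s != "open")
        return "outbound 22 works; check these hosts individually: " + (", ".join(bad) or "none")
    if all(s == "timeout" for s in ssh.values()):
        if len(ssh) > 1 and other_open & set(ssh):
            return "port 22 dropped on the path (local firewall, router or ISP)"
        if other_open:
            return "port 22 filtered; probe more hosts to separate server from path"
        return "nothing reachable; general connectivity problem"
    return "mixed results on port 22: " + ", ".join(f"{h}={s}" for h, s in sorted(ssh.items()))

if __name__ == "__main__":
    # portquiz.net is the test host named in the answer; server.example stands in
    # for your own server (placeholder). Port 80 is the control port.
    targets = [("portquiz.net", 22), ("portquiz.net", 80),
               ("server.example", 22), ("server.example", 80)]
    results = {t: probe(*t) for t in targets}
    for (host, port), status in results.items():
        print(f"{host}:{port} -> {status}")
    print(diagnose(results))
```

Running the same script over a second connection (mobile hotspot or VPN) and comparing the verdicts shows whether the filtering follows the connection or the server.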

Thanks for the response! portquiz.net times out as well. The server is a completely blank Ubuntu installation, I reset it to make sure nothing was messing with it. And I have a dynamic IP from my ISP so the server can't block my IP even if it somehow wanted to. I can ping the server, and load it on port 80, 22 seems to be hit specifically. I was going nuts. This goes against everything I know. So I took up a VPN and what do you know, it worked. So my ISP definitely fucked me. It's ridiculous really. It's a backwards ass ISP and I can totally see them pulling crap like this. – Achshar – 2017-08-06T19:53:29.337

Also did I mention, I can't connect to bitbucket or gitlab servers via ssh either. So my server is definitely not at fault there. – Achshar – 2017-08-06T19:54:14.827

@Achshar, unless there's something odd happening at your router, e.g., perhaps an inadvertent block of outgoing port 22 connections, it does seem your ISP may be blocking connections on that port. I'd contact their technical support department, since that type of block will block a lot of legitimate traffic and it seems especially odd for them to do so, if you were able to SSH out to other systems a few days ago via the ISP's connection. If they did block that traffic, perhaps it was a mistake by someone at the ISP rather than a policy change. – moonpoint – 2017-08-06T21:19:31.847

Lol, did some digging. I am not the only one. https://broadbandforum.co/threads/bsnl-broadband-seems-to-have-blocked-ssh-port-22-on-their-network.151617/

– Achshar – 2017-08-06T22:28:28.590

@Achshar, if they won't remove the block, you could likely still get to your server via SSH by editing the sshd configuration file on the server to change the port it listens on from the default port to another port. You could then have PuTTY or another SSH client connect to that port. You could also get to other SSH servers by establishing port forwarding with PuTTY, so that you could tunnel SSH connections to other SSH servers through your own server.

– moonpoint – 2017-08-06T23:47:56.650

Yeah port forwarding with an intermediate server is one option. I don't want to edit my sshd config because that's fixing the symptom not the disease. Plus I use ssh for more than just server access, I use it for gitlab, bitbucket and github. – Achshar – 2017-08-07T14:21:01.430