Chapter 4. Troubleshooting SSH connections

Verify that the server is configured for network interface. The following defaults from /etc/ssh/sshd_config will allow connections from any address on port 22:

			#Port 22
			#AddressFamily any
			#ListenAddress 0.0.0.0
			#ListenAddress ::

As root, check to make sure the service is running, start it if not, and enable it to run automatically at startup if desired:

# systemctl status sshd.service
# systemctl start sshd.service
# systemctl enable sshd.service

Attempt to connect with ssh 127.0.0.1.If the server is reachable locally, you will need to check that your firewall is allowing traffic to the server.firewall-cmd --get-services | grep ssh should list ssh in its output.

Watch the ssh daemon's logs with journalctl -u sshd.service -f and action any errors that come up.

If you are using public key authentication, Check to make sure that you have the correct permissions applied to your .ssh and authorized_keys file, and correct them if needed. These commands should be run by the user that is experiencing problems.

$ getfacl {~/.ssh/authorized_keys,~/.ssh}
$ chmod 700 ~/.ssh; chmod 600 ~/.ssh/authorized_keys

If the server will not start up correctly, sshd can be run as a process with sshd -D. sshd will output all server messages directly to the terminal.

The ssh client can be run with the "-v" flag to get verbose output from the command. This can help if you are having difficulty using public keys.