putty "connection refused"

**RJ.** · 03-05-2012

hello everyone,

I changed the default port for ssh but now
I cant seem to be able to connect to my virtualised CentOS server with putty.

I get connection refused.

I turned off iptables and it worked.
I tried to add this new port to iptables, it does show in the list of INPUT, but I still cant connect.

is there something I forgot to do?

I apologise if this has been asked a lot already but i couldnt find anything about it.

**dr_faust** · 03-06-2012

Did you activate the SSH demon on your server?

chkconfig sshd on
service sshd start

**Lazydog** · 03-06-2012

If turning off IPTABLES it work then I would need to know what your rules look like to say why the firewall is blocking the connection.

**Foreclosure** · 03-06-2012

Does the ssh daemon need to be listening on a port other than 22?

**RJ.** · 03-06-2012

Its definitely iptables

I included the rule:

ACCEPT tcp anywhere anywhere tcp dpt:11576

Still putty will not connect to it.

And , yes, I did change the default port at /etc/ssh/sshd_config to the same port.

im working behind a different pc now and now i get the same error with iptables off :S.

**Lazydog** · 03-07-2012

If you are getting the same error with iptables turned off then I would not think it is iptables that is causing your issues.
What is the output from;

Code:

service sshd status

Also can you post /etc/sysconfig/iptables Just to be sure nothing would be causing an issue there too.
You can PM your rules to me if you do not want to post them on a public forum.

**RJ.** · 03-07-2012

Originally Posted by Lazydog

Also can you post /etc/sysconfig/iptables Just to be sure nothing would be causing an issue there too.You can PM your rules to me if you do not want to post them on a public forum.

thats okay, its just a VM anyway. Just for testing and learing. Here's the content of Iptables:

Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- anywhere anywhere tcp dpt:11576

Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:11576

11576 is the new port im using , or trying to use, for ssh.

I tried it on a actual network this time and it does work with iptables turned off but not with ift turned on.

**Lazydog** · 03-07-2012

Originally Posted by RJ.

REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
ACCEPT tcp -- anywhere anywhere tcp dpt:11576

This is why it is not working. You have to place the line to allow port 11576 before the reject line.
Rules are read from top to bottom in order first match is executed thus every after REJECT is never seen.

**RJ.** · 03-07-2012

Thank you very much

That did it.

**Lazydog** · 03-07-2012

Glad I could help.

Thread Tools

Display

putty "connection refused"

Posting Permissions