Home / server / Questions / 181187
Accepted
ultracrepidarian
Asked: 2010-09-15 14:07:35 +0800 CST

CYGWIN sshd "port 22: Connection refused"

  • 772

Googled this to death, cannot resolve. I cannot connect to my CYGWIN sshd from another machine. Netstat shows connection is established. Can connect locally, no problem.

[oracle@aserver ~]$  ssh myid@mycomp
ssh: connect to host mycomp port 22: Connection refused

On mycomp:

$ netstat -a | grep ssh
  TCP    MYCOMP:ssh            MYCOMP.mydomain.com:0  LISTENING
  TCP    MYCOMP:1161           aserver.mydomain.com:ssh  ESTABLISHED

Successful login from the localhost:

$ ssh myid@mycomp
myid@mycomp's password:
Last login: Tue Sep 14 14:27:30 2010 from mycomp.mydomain.com
Fanfare!!!
You are successfully logged in to this server!!!

I'm on XP sp3, updated CYGWIN today. Tried cleanup and reconfigure, didn't help.

Cleanup (credit to Herb Maeder http://www.cygwin.com/ml/cygwin/2008-10/msg00370.html) :

# Remove sshd service
cygrunsrv --stop sshd
cygrunsrv --remove sshd
# Delete any sshd or related users (such as cyg_server) from /etc/passwd
#   (use your favorite editor)
# Delete any sshd or relaged users (such as cyg_server) from the system
net user sshd /delete

Configure:

$ ssh-host-config -y
*** Query: Overwrite existing /etc/ssh_config file? (yes/no) yes
*** Info: Creating default /etc/ssh_config file
*** Query: Overwrite existing /etc/sshd_config file? (yes/no) yes
*** Info: Creating default /etc/sshd_config file
*** Info: Privilege separation is set to yes by default since OpenSSH 3.3.
*** Info: However, this requires a non-privileged account called 'sshd'.
*** Info: For more info on privilege separation read /usr/share/doc/openssh/README.privsep.
*** Query: Should privilege separation be used? (yes/no) yes
*** Info: Note that creating a new user requires that the current account have
*** Info: Administrator privileges.  Should this script attempt to create a
*** Query: new local account 'sshd'? (yes/no) yes
*** Info: Updating /etc/sshd_config file
*** Query: Overwrite existing /etc/inetd.d/sshd-inetd file? (yes/no) yes
*** Info: Creating default /etc/inetd.d/sshd-inetd file
*** Info: Updated /etc/inetd.d/sshd-inetd


*** Warning: The following functions require administrator privileges!

*** Query: Do you want to install sshd as a service?
*** Query: (Say "no" if it is already installed as a service) (yes/no) yes
*** Query: Enter the value of CYGWIN for the daemon: []

*** Info: The sshd service has been installed under the LocalSystem
*** Info: account (also known as SYSTEM). To start the service now, call
*** Info: `net start sshd' or `cygrunsrv -S sshd'.  Otherwise, it
*** Info: will start automatically after the next reboot.

*** Info: Host configuration finished. Have fun!

myid@MYCOMP /cygdrive/c/Documents and Settings/myid
$ cygrunsrv -S sshd

myid@MYCOMP /cygdrive/c/Documents and Settings/myid
$ cygrunsrv -Q sshd
Service             : sshd
Display name        : CYGWIN sshd
Current State       : Running
Controls Accepted   : Stop
Command             : /usr/sbin/sshd -D
ssh cygwin

4 Answers

  1. Best Answer

    Can you telnet to port 22 from another computer?

    telnet <mycomp> 22

    If you're getting a connection refused (and you can connect via localhost), this is definitely a firewall issue. There are other firewalls besides Windows Firewall--McAfee, ZoneAlarm, etc., and it sounds like you're being blocked--since you can access it internally (indicating its listening on the correct port) but you can't access it externally (indicating external ports are closed).

    Surprisingly, Mozilla has a great look on configuring firewalls--including the Windows Firewall. Give it a try. Just because you think there's no firewall running--doesn't mean there isn't.

    • 2

  2. Is there any chance a Windows firewall is running?

    Have you run your SSH client in either verbose or debug mode?

    • 1

  3. I have been dealing with this exact issue for a few weeks now. It may not apply directly to this case. But I am going to share my experience here, in the hope that it may help somebody.

    The Cygwin SSHD is running on my Windows 7 Home Premium Box.

    • I WAS able to ssh into the machine from localhost, or by typing out my IP address. This was attempted, and was successful in Putty.
    • I was NOT able to ssh into the machine from any other device on the LAN.
      • I verified that this was not a firewall, or antivirus, or security issue. I tested this using apache portable on port 22. I was able to reach it on port 22. I also ensured that sshd.exe was given full ability to communicate on the network.
      • I turned off all firewall features on the machine. It was only windows defender, and windows firewall. This did not fix the problem
    • after some digging around. I was able to find that it was something with putty itself. For some reason, I am able to use an openssh client from my linux server (out in the cloud) in, without any problem. I think it has something to do with putty keys.
    • I ran putty.exe -cleanup and still had the problem.
    • On one of my linux servers, I get this ssh_exchange_identification: Connection closed by remote host
    • On another one of my linux servers, it just connects.

    Hope this helps.

    Devon

    --EDIT-- Okay. It started to get even stranger. I have 4 cloud servers, each tied to a different domain. One server could login to my sshd while others couldn't.

    I fixed this by commenting out all of the entries in hosts.deny. I also adjusted my hosts.allow file to look like this.

    ALL : localhost 127.0.0.1/32 [::1]/128 [::ffff:127.0.0.1]/128 : allow
SSHD : ALL

    That fixed it for me.

    • 0

  4. I faced the same error and found out that my sshd was not running. So start your sshd using net start sshd and it might work for you.

    • -2