Technology Encyclopedia Home >When I remotely connect to a Linux instance, a message appears saying that the connection is refused. How can I solve this problem?

When I remotely connect to a Linux instance, a message appears saying that the connection is refused. How can I solve this problem?

Created on 2025-06-16 16:37:25
27

When you encounter a "connection refused" error while remotely connecting to a Linux instance, it typically indicates that the remote service (e.g., SSH) is not running, the port is blocked, or the instance is unreachable. Here’s how to troubleshoot and resolve the issue:

1. Check if the Remote Service is Running

  • For SSH, verify if the sshd service is active:
    sudo systemctl status sshd
    If it’s not running, start it:
    sudo systemctl start sshd
    Enable it to start on boot:
    sudo systemctl enable sshd

2. Verify the Port and Firewall Rules

  • Ensure the SSH port (default: 22) is open in the firewall:
    sudo ufw allow 22  # If using UFW
    Or check iptables:
    sudo iptables -L -n
  • If using a cloud provider’s security group (e.g., Tencent Cloud Security Group), ensure the inbound rule allows traffic on port 22 from your IP.

3. Check Network Connectivity

  • Ping the instance to confirm it’s reachable:
    ping <instance_ip>
  • If ping fails, check your local network, VPN, or routing issues.

4. Verify SSH Configuration

  • Check /etc/ssh/sshd_config for misconfigurations (e.g., wrong port or ListenAddress).
  • Restart sshd after changes:
    sudo systemctl restart sshd

5. Check for IP or Port Conflicts

  • Ensure no other service is using port 22:
    sudo netstat -tuln | grep 22
  • If another service is using the port, change the SSH port in /etc/ssh/sshd_config and update the firewall rules.

6. Tencent Cloud-Specific Checks

  • If using Tencent Cloud, verify:
    • The instance is in the "Running" state in the Tencent Cloud Console.
    • The Security Group and Network ACL allow SSH traffic.
    • The instance’s VPC and subnet have proper routing and internet access (if applicable).

Example: Fixing a Common Scenario

If you modified /etc/ssh/sshd_config to change the SSH port to 2222 but forgot to update the firewall:

  1. Update the firewall:
    sudo ufw allow 2222
  2. Update Tencent Cloud Security Group to allow port 2222.
  3. Restart sshd:
    sudo systemctl restart sshd
  4. Connect using:
    ssh -p 2222 user@instance_ip

For Tencent Cloud, you can also use VNC Console in the console to access the instance directly if SSH is unavailable.