Cannot connect to SSH

Hi there,
I am facing some issues with the System clock synchronization. I have done a lot of research and had it working somehow but today is not working again don’t know why.

I have enabled and started the service with:
systemctl enable systemd-timesyncd.service
systemctl start systemd-timesyncd.service

Also uncomment these lines in /etc/systemd/timesyncd.conf:
[Time]
NTP=0.manjaro.pool.ntp.org
FallbackNTP=0.manjaro.pool.ntp.org 1.manjaro.pool.ntp.org 2.manjaro.pool.ntp.org 3.manjaro.pool.ntp.org

timedatectl status returns: 

Local time: sáb 2021-12-04 20:23:49 CET
Universal time: sáb 2021-12-04 19:23:49 UTC
RTC time: lun 2021-11-29 09:07:23
Time zone: Europe/Madrid (CET, +0100)
System clock synchronized: no
NTP service: active
RTC in local TZ: no

Maybe is something related to my router? Because I am trying to use SSH, git, etc at home and cannot connect (even having opened 22 port in this case). My ISP told me everything’s fine. But as this laptop with Manjaro is new and also my provider plan and my router are too I don’t figure out what’s going on.

Thanks for you help

For SSH:

Try to connect to youself :wink: first !

ssh -v myname@localhost

you can use -v, -vv, -vvv

Then compare with connecting to the IP(!) you want:

ssh -v myname@123.456.789.101

Then try with the hostname:

ssh -v myname@extern_hostname.org

And maybe post here what you found out :wink:

1 Like

Hello,
First off be careful opening SSH on your router you could of allowed inbound connections from the internet to a host behind your router. I’m not sure of your skill level, so I just wanted to point that out. Also, please try pinging the NTP servers you listed to confirm you can reach them. Send any error messages back if all possible. Good luck!

2 Likes

Hi guys,

First of all thanks for replying.

I have realise that my MacBook can connect SSH through Wi-Fi, so maybe it’s not the router… I tried to connect SSH with my Manjaro Laptop and by my mobile phone which has a custom android version ( /e/project ) having no results.

Return of SSH when trying to connect by Wi-Fi:

ssh -v admin@*****.com
OpenSSH_8.6p1, OpenSSL 1.1.1k 25 Mar 2021
debug1: Reading configuration data /data/data/com.termux/files/usr/etc/ssh/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to *****.com [123.456.789.10] port 22.
debug1: connect to address 123.456.789.10 port 22: Connection timed out
ssh: connect to host *****.com port 22: Connection timed out

Return of SSH when trying to connect by Mobile Data:

OpenSSH_8.6p1, OpenSSL 1.1.1k 25 Mar 2021
debug1: Reading configuration data /data/data/com.termux/files/usr/etc/ssh/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to u-u.monster [185.253.155.236] port 22.
debug1: Connection established.
debug1: identity file /data/data/com.termux/files/home/.ssh/id_rsa type 0
debug1: identity file /data/data/com.termux/files/home/.ssh/id_rsa-cert type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_dsa type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_dsa-cert type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa-cert type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa_sk type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519 type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519-cert type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519_sk type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_xmss type -1
debug1: identity file /data/data/com.termux/files/home/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.6
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-10+deb10u2
debug1: compat_banner: match: OpenSSH_7.9p1 Debian-10+deb10u2 pat OpenSSH* compat 0x04000000
debug1: Authenticating to domain.com:22 as ‘admin’
debug1: load_hostkeys: fopen /data/data/com.termux/files/home/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:+UsoRJPg7pqOz0Ed7THprLgHSaOftnLZx9K+RK4er9k
debug1: load_hostkeys: fopen /data/data/com.termux/files/home/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /data/data/com.termux/files/usr/etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host ‘domain.com’ is known and matches the ED25519 host key.
debug1: Found key in /data/data/com.termux/files/home/.ssh/known_hosts:4
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_rsa RSA SHA256:gkbJVeuPG13A8SrcRGhVQjJyRXqHhwMkgj0PWdgoA0Q
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_dsa
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_ecdsa
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_ecdsa_sk
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_ed25519
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_ed25519_sk
debug1: Will attempt key: /data/data/com.termux/files/home/.ssh/id_xmss
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /data/data/com.termux/files/home/.ssh/id_rsa RSA SHA256:
aBhj25nfhTWHMOwh9 t3o23t7mhew9eto23y0weimasu
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /data/data/com.termux/files/home/.ssh/id_dsa
debug1: Trying private key: /data/data/com.termux/files/home/.ssh/id_ecdsa
debug1: Trying private key: /data/data/com.termux/files/home/.ssh/id_ecdsa_sk
debug1: Trying private key: /data/data/com.termux/files/home/.ssh/id_ed25519
debug1: Trying private key: /data/data/com.termux/files/home/.ssh/id_ed25519_sk
debug1: Trying private key: /data/data/com.termux/files/home/.ssh/id_xmss
debug1: Next authentication method: password
admin@*****.com’s password:

When trying to connect localhost connected to the Wi-Fi it returns:

ssh -v u0_a153@localhost

OpenSSH_8.6p1, OpenSSL 1.1.1k 25 Mar 2021
debug1: Reading configuration data /data/data/com.termux/files/usr/etc/ssh/ssh_config
debug1: Authenticator provider $SSH_SK_PROVIDER did not resolve; disabling
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: connect to address 127.0.0.1 port 22: Connection refused
ssh: connect to host localhost port 22: Connection refused

Any idea what could be causing this?

On the other hand, I have ping every manjaros’s NTP server and everything seems to be working correctly… but still having wrong the system clock and the status returns “System clock syncronized: No”, even doing “systemctl enable systemd-timesyncd.servic” & “systemctl start systemd-timesyncd.service”

Thank you all.

Thank you, please see my update :slight_smile:

Hi thanks for replying. I have ping every NTP server but even I can reach them system clock still not working properly :confused:

Also I don’t understand if I don’t open port 22 in my router, how could it work? My level is basic I am still learning Linux and Networking

So it seems you have no sshd running on localhost :wink:

This seems to be not the right IP :wink: (i did type 123.456… but you have to replace this by the IP you want to connect :wink: I think this would have been [185.253.155.236] (no necessary any more)

So we got connected.

So the host and hostkey are OK

But none of the offered keys are allowed to connect

Next step would be to read, (on the server in the logs) why sshd on the server has denied access.

1 Like

Also I don’t understand if I don’t open port 22 in my router, how could it work? My level is basic I am still learning Linux and Networking:

You may need to open outbound traffic, but if it’s just a consumer grade router this is most likely unnecessary. If you open port 22 inbound traffic potentially someone from the internet could try to authenticate to a machine running SSH. I would undo any changes in regards to opening ports on your router until you can study more on the topic. You would only open inbound ports if you’re trying to connect to one of your machines while your not at home, but it would be much safer to setup a VPN for this. An easy to use mesh VPN like the one LogMeIn makes would work well.

1 Like

Thank you for your time everything is because the router but it only happens when I connect to the Wi-Fi with a linux based OS like Android as well don’t know why… Also one technician who came told me this model as far as he nows is capped and I realised this is why I am experiencing this issue.

Time synchronizing is not working when connecting by Wi-Fi and my system clock leaves outdated so I cannot connect out to the internet (useless)…even having internet some services don’t work properly…

I mean, if it would be something related to the port forwarding, the MacBook would not work as well but it does so… what do you think? I can connect ssh to my server at my Manjaro’s laptop when mobile data but cannot by wi-fi so it seems clear xD

Perhaps tomoprrow will call them to have new different router.

Thank you anyway :slight_smile:

Did you read my post ?

The log states that you reached your server, but that the server refused your key. That is not a problem with the router :wink:

2 Likes

You don’t have to port forward to reach an external device, so the MacBook would work without the forwarding. If you don’t want to run in circles I would listen to andreas85’s post. Thanks and good luck!

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.