SSH error – bind to port 22 failed: Address already in use

ssh

I am trying to get my own web server started. I have installed a fresh copy of Ubuntu Server and OpenSSH.

I can SSH into the server fine by using the internal IP (192.168.1.12) but cannot access it through my external IP address. I have set up port forwarding but still get 'connection refused' from PuTTY.

One thing I have noticed is that if I log on to my web server and type sudo /usr/sbin/sshd -d I get the following errors:

debug1: Bind to port 22 on 0.0.0.0.
Bind to port 22 on 0.0.0.0 failed: Address already in use.
debug1: Bind to port 22 on ::.
Bind to port 22 on :: failed: Address already in use.

I'm guessing this is the cause of my problems trying to SSH using my external address? I've tried to disable IPv6, but only one of the errors is fixed when I do this.

EDIT:
netstat -tan | grep LIST gives the following result

tcp    0    0 0.0.0.0:22      0.0.0.0:*      LISTEN
tcp6   0    0 :::22           :::*           LISTEN

netstat -tulpn

Proto Recv-Q  Send-Q   Local Address       Foreign Address      State    PID/Program name
tcp     0       0      0.0.0.0:22            0.0.0.0:*          LISTEN     620/sshd
tcp6    0       0      :::22                 :::*               LISTEN     620/sshd
udp     0       0      0.0.0.0:68            0.0.0.0:*                     604/dhclient3

Best Answer

sshd is already running, as evidenced by your netstat. It is also bound to all IPs (0.0.0.0 in the netstat) so there should be no problem there.

Do you have a firewall on your router? You may have port forwarding enabled but a firewall may still be dropping the 22. It is also possible that your ISP is blocking 22 before it even gets to you. I would also do an iptables -F (drop all the iptables rules) to be sure; they'll return on a reboot (or you can restore them using iptables-restore).

You can confirm that sshd is not refusing the connections by checking /var/log/auth.log for the refused connections.

If you've confirmed that you have no refused connections in your logs and no firewall on your router then I would suggest changing SSH to use a port other than 22 (a random high port > 1024). You can do that by editing /etc/ssh/ssh_config and changing "Port 22" to something higher.

EDIT: Update from the comments to save a read; you should also try checking from an IP outside of your network in circumstances like this. In this case the ISP was blocking port 22, and connecting to a high port internally (specifying the external IP) was not working, probably due to a lack of hairpin NAT.
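
The check the answer makes by eye on the netstat -tulpn output (which process owns the port, and whether it is bound to all interfaces), as an added example that is not part of the original post. The function name listeners_on_port and the scope labels are made up for this example; the sample rows are the ones quoted in the question.

```shell
#!/bin/sh
# Added example: list the listeners on a port from `netstat -tulpn` text.

# Sample input: the netstat -tulpn rows quoted in the question above.
SAMPLE='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp     0       0      0.0.0.0:22            0.0.0.0:*          LISTEN     620/sshd
tcp6    0       0      :::22                 :::*               LISTEN     620/sshd
udp     0       0      0.0.0.0:68            0.0.0.0:*                     604/dhclient3'

# listeners_on_port PORT   (reads netstat -tulpn output on stdin)
# Prints one line per listener: proto address scope pid program
listeners_on_port() {
    awk -v port="$1" '
        $1 !~ /^(tcp|udp)/ { next }               # skip header lines
        $1 ~ /^tcp/ && $6 != "LISTEN" { next }    # TCP: listening sockets only
        {
            i = match($4, /:[0-9]+$/)             # port follows the last colon
            if (!i || substr($4, i + 1) != port) next
            addr = substr($4, 1, i - 1)           # ":::22" yields "::"
            if (addr == "0.0.0.0" || addr == "::") scope = "all-interfaces"
            else if (addr == "127.0.0.1" || addr == "::1") scope = "loopback-only"
            else scope = "single-address"
            # UDP rows have no State column, so locate the PID/Program field.
            pid = "-"; prog = "-"                 # "-" when netstat ran without root
            for (f = 6; f <= NF; f++) {
                if ($f ~ /^[0-9]+\//) {
                    split($f, owner, "/")
                    pid = owner[1]; prog = owner[2]
                    sub(/:$/, "", prog)           # newer netstat prints "sshd:"
                    break
                }
            }
            print $1, addr, scope, pid, prog
        }'
}

# Run against the sample; on a live host: sudo netstat -tulpn | listeners_on_port 22
printf '%s\n' "$SAMPLE" | listeners_on_port 22
```

A listener reported as all-interfaces with an sshd PID means a second sshd cannot bind that port, and that the daemon is already accepting on every address, so a refused external connection has to be traced upstream of the host.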