- SSH Connection Error: No route to host
- 8 Answers 8
- Как исправить «No route to host» SSH в Linux (РЕШЕНО)
- How to Fix “No Route to Host” Connection Error on Linux
- Why Am I Getting the “No Route to Host” error?
- Host Is Offline/Service Isn’t Running
- Wrong Port
- Iptables Is Blocking the Connection
- Your DNS Is Improperly Configured
- The GUI Way
- Incorrect Network or Host Configuration
SSH Connection Error: No route to host
All the machines have Ubuntu 11.04 (Desktop A is a 64bit one) and have both openssh-server and openssh-client.
Now when I try to connect Desktop A to Laptop A or vice-versa by ssh user@1.23.y.y I get an error as
I own both the machines, now if I try same commands from my friend’s machine, i.e. via Desktop B, I can access both my Laptop and Desktop. But if I try to access Desktop B from my Laptop or by Desktop I get
port 22: Connection timed out
I even tried changing ssh port no. in ssh_config file but no success.
Note: that ‘Laptop A’ uses WiFi connection while ‘Machine A’ uses Ethernet Connection and ‘Machine B’ is on an entirely different network.
@Lekensteyn Here it is ->
Laptop A && Desktop A -> Router/Nano_Rcvr provided to me by ISP. So to one Router two Machines are connected and can be accessed at the same time. here is my ifconfig output for both the machines :- Laptop
Link encap:Ethernet HWaddr X:X:X:X:00:bc inet addr:1.23.73.111 Bcast:1.23.95.255 Mask:255.255.224.0 inet6 addr: fe80::219:e3ff:fe04:bc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:108409 errors:0 dropped:0 overruns:0 frame:0 TX packets:82523 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:44974080 (44.9 MB) TX bytes:22973031 (22.9 MB)
Link encap:Ethernet HWaddr X:X:X:X:c5:78 inet addr:1.23.68.209 Bcast:1.23.95.255 Mask:255.255.224.0 inet6 addr: fe80::227:eff:fe04:c578/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:10380 errors:0 dropped:0 overruns:0 frame:0 TX packets:4509 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1790366 (1.7 MB) TX bytes:852877 (852.8 KB) Interrupt:43 Base address:0x2000
Output of ip route show
1.23.64.0/19 dev wlan0 proto kernel scope link src 1.23.73.111 metric 2 169.254.0.0/16 dev wlan0 scope link metric 1000
Output of traceroute -n 1.23.73.111
traceroute to 1.23.73.111 (1.23.73.111), 30 hops max, 60 byte packets 1 1.23.68.209 3008.787 ms !H 3008.786 ms !H 3008.784 ms !H
Please correct those IP addresses. Is 1.23.x.x a public IP address? If not, please use 10.x.x.x, 192.168.x.x or 172.16.x.x. Can you ping the other machines? ping 192.168.x.x
Sounds weird but its a public IP Addr if u want I can give you ‘ifconfig’ output. No I cant Ping both my machines it says ‘Destination Host Unrechable’ Though I can ping my friend’s machine
Could you draw your network setup? ASCII art will be fine. You need to include the machines, the «internet» and involved (home) routers/modems.
I agree with @Lekensteyn. These problems are most commonly NAT/forwarding issues. Explain your network structure and we can probably help.
8 Answers 8
The routes look fine. I’ll assume that those IP addresses are private ones (LAN) and not public accessible.
Since you’re connected in different ways to the network (wifi / wired), it’s very likely that your router has separated wired / wireless networks. Try connecting both of them on a wired (or wireless) connection. Another possibility is that a firewall on the Ubuntu machines is blocking connections.
Otherwise, configure your router to use the same network (subnet) for wireless and wired connections. Also make sure that the router does not block client-to-client communication.
Your router is possibly dropping all unsolicited packets, that’s why your friend gets a «connection timed out» message on your public IP address. Configure NAT port forwarding so that the public IP address + port combination forwards to your LAN address.
YOUR NETWORK (A) Router A (public address: 198.51.100.1) Desktop A - 10.0.0.2 Laptop A - 10.0.0.3 YOUR FRIENDS NETWORK (B) Router B (public address: 203.0.113.1) Machine B - 192.168.0.2
On Router A, setup NAT forwarding:
To make your desktop accessible: forward the public port 22 to 10.0.0.2 To make your laptop accessible: forward the public port 2222 to 10.0.0.3
If you’ve a firewall ( ufw , iptables , . ) on the machines set, allow incoming traffic to port 22 (Desktop A) and port 2222 (Laptop A).
The desktop can now be accessed using SSH with:
The laptop can now be accessed using SSH with:
If you want to access your friends machine, apply these instructions to his machine + router.
Как исправить «No route to host» SSH в Linux (РЕШЕНО)
SSH — это самый безопасный способ управления удалёнными серверами Linux. Одной из самых частых ошибок с которыми вы можете столкнуться при использовании SSH является «ssh: connect to host port 22: No route to host». В этой короткой статье будет показано, как выяснить причины этой ошибки и исправить её.
Необязательно это может быть именно 22 порт — в зависимости от ваших настроек удалённого хоста порт может быть другим. В качестве меры безопасности, системные администраторы могли настроить доступ к SSH на другом порту.
Имеется несколько возможных причин, почему возникает эта ошибка. Это сообщение является нормальным, если удалённый сервер выключен. То есть в первую очередь вам нужно проверить, что удалённых хост работает. Это можно сделать с помощью команды ping:
Если удаётся пинговать удалённый сервер, то это говорит о том, что удалённый сервер запущен. В этом случае причиной ошибки в чём-то другом.
Если у вас запущена служба файервола на удалённом сервере, то возможно, что файервол блокирует доступ по 22 порту.
Следовательно вам нужно подключиться физически к консоли сервера или если это VPS (виртуальный частный сервер) вы можете использовать любые другие средства, такие как VNC (если он уже установлен) или другие пользовательские приложения доступа к удалённому серверу, которые предоставлены вашим провайдером услуг VPS. Подключите и выполните вход в командную строку.
Если сервер работает на RHEL/CentOS/Fedora, то нужно использовать команду firewall-cmd, чтобы открыть 22 порт (или другой порт, который вы настроили для использования с SSH):
firewall-cmd --permanent --add-port=22/tcp firewall-cmd --reload
Если сервер работает на Debian/Ubuntu, то нужно использовать команду UFW, чтобы открыть 22 порт (или другой порт, который вы настроили для использования с SSH) следующим образом:
sudo ufw allow 22/tcp sudo ufw reload
Теперь попробуйте вновь подключиться к удалённому серверу по SSH:
Проблема должна исчезнуть.
How to Fix “No Route to Host” Connection Error on Linux
When you’re trying to connect to a service on Linux, “No route to host” is one of the last things you want to hear. It’s a broad message that means your computer can’t reach the target server, whether a local server daemon running on your system or a remote server that you can’t access for whatever reason. Here we show you how to fix the “no route to host” connection error in Linux.
Why Am I Getting the “No Route to Host” error?
There are many reasons why you could be getting that error. Networking in Linux is a somewhat complicated stack that’s pretty intricate, and as a result, it’s tough to determine exactly where the issue is.
Host Is Offline/Service Isn’t Running
It may seem painfully obvious, but you should first check that the server that you’re trying to connect to is even online. It might have been taken down for maintenance or be experiencing issues.
The service itself might not have been started. If it’s your server, you can check to see if the service has been started and is running properly. To do that with Systemd, run the following command.
sudo systemctl status SERVICENAME
Wrong Port
You may be trying to connect on the incorrect port. Many system administrators choose to run commonly targeted services like SSH on different ports to help thwart would-be attackers.
If the server isn’t your own, check the available documentation or contact their support services.
For your own server, you can try using NMAP to figure out where you started your service.
sudo nmap -sS your.server.ip
If you think you used a really obscure port, you can use the -p- flag to scan them all. It will take a while though.
Iptables Is Blocking the Connection
You may have accidentally configured iptables to block connections on that port. You would receive the same message whether you configured iptables on the server or your desktop, so it’s worth checking both. To see your iptables rules, run the following command.
Your DNS Is Improperly Configured
If all else fails, you should try to ping the IP address that you’re looking to connect to. It could be that your computer isn’t connecting to a DNS server properly.
If the ping works but connecting a domain name doesn’t, you’re looking at a DNS issue.
Systemd users can run systemd-resolve —status to check the DNS servers that your system is using. It’s broken down by interface, so make sure to check the one that you’re actually trying to connect through.
In most cases your computer will discover the relevant DNS information over DHCP. If you’re using a static IP or something on your network is configured differently, you may have to set your DNS manually.
Open “/etc/systemd/resolved.conf.” In that file, uncomment the DNS line and add either the IP of your router or another known DNS server. The default fallback DNS for Systemd is Google’s DNS servers listed under FallbackDNS .
If you’re using OpenRC or another Systemd alternative, you can find your DNS information in “/etc/resolv.conf.”
If there’s nothing there, enter the IP address of your router or any other known DNS server that you’d prefer to use.
After, either restart networking or your entire computer.
The GUI Way
If you’re using a graphical desktop with Network Manager, you can edit your connection information that way. Open the applet or go through your system settings. Select your connection and find the “IPv4” tab. Switch the connection to “Manual” and manually enter in the IP address of your computer and the IP of your router as the gateway. Then, in the DNS field below, enter your router’s IP or the IP of another DNS server.
Incorrect Network or Host Configuration
There are several other configuration options that may be incorrect. Any of them would make it impossible for your computer to connect to the server.
First, make sure that your computer’s network configuration is correct. Double-check the configuration files themselves and, of course, see if you can connect to the Internet another way.
If you’re using a specific hostname to connect or you’ve set up specific hosts on either the server or the client, you need to make sure both machines can connect to each other. Check the configurations of “/etc/hosts,” “/etc/hosts.allow,” and “/etc/hosts.deny.”
Finally, check your server configuration. Something may be improperly configured on the server, preventing clients from connecting properly.
Hopefully, using these tips has allowed you to fix whatever issues were happening that caused the “No Route to Host” error. Meanwhile, you can learn how to control your Wi-Fi network in Linux or check if your firewall is blocking any incoming and outgoing connection.
John is a young technical professional with a passion for educating users on the best ways to use their technology. He holds technical certifications covering topics ranging from computer hardware to cybersecurity to Linux system administration.
Our latest tutorials delivered straight to your inbox