Server: After upgrade from 16.04 to 18.04 ssh and ftp refuses connections












1














I upgraded my remote hosted server from 16.04 to 18.04. The first steps seemed to go fine without any errors or warnings. Until the reboot step.



I confirmed the reboot step. After this the ssh connection got closed of course. I waited for at least 4 hours (I don't know exactly how long, but minimum 4 hours), but I still couldn't got any ssh and sftp connections.



I can




  • successfully ping the server

  • make hard reboots via the web UI from my hoster

  • I know for a fact that cronjobs are still running


  • I get every few minutes emails with errors from the cronjobs (Boinc got uninstalled in the upgrade process so it obviously can't be started; and the Nextcloud cronjob fails since Postgres doesn't seem to be running)


  • since it is a remote server and I don't have any access I can't run any commands or read/write any files


I'm normally using a connection manager, but in the hope to get some more information than "connection refused" I also tried directly to execute it in the console, result:



[croydon ~]$ ssh -vvv <sever-ip>

OpenSSH_7.9p1, OpenSSL 1.1.1 FIPS  11 Sep 2018

debug1: Reading configuration data /etc/ssh/ssh_config

debug3: /etc/ssh/ssh_config line 52: Including file /etc/ssh/ssh_config.d/05-redhat.conf depth 0

debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf

debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 2: Including file /etc/crypto-policies/back-ends/openssh.config depth 1

debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config

debug3: gss kex names ok: [gss-gex-sha1-,gss-group14-sha1-,gss-group1-sha1-]

debug3: kex names ok: [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]

debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 8: Applying options for *

debug2: resolve_canonicalize: hostname <sever-ip> is address

debug2: ssh_connect_direct

debug1: Connecting to <sever-ip> [<sever-ip>] port 22.

debug1: connect to address <sever-ip> port 22: Connection refused

ssh: connect to host <sever-ip> port 22: Connection refused


I read that Ubuntu 18.04 doesn't accept some older ciphers, but I guess this log rules this potential issue out.



Is there any hope for recovery, if so what can I do?






upgrade ssh data-recovery connection sftp







share|improve this question









New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Did you open port 22 in the firewall?
    – heynnema
    yesterday










  • My local machine is unchanged, I updated my server, which refuses the connection. I didn't change my server firewall manually, so I would assume that the port is still open.
    – Croydon
    yesterday










  • You should contact your hoster. Normally you also have console access to your VM, where you should be able to login locally and check things like firewall and if the sshd is running.
    – Thomas
    yesterday
















1














I upgraded my remote hosted server from 16.04 to 18.04. The first steps seemed to go fine without any errors or warnings. Until the reboot step.



I confirmed the reboot step. After this the ssh connection got closed of course. I waited for at least 4 hours (I don't know exactly how long, but minimum 4 hours), but I still couldn't got any ssh and sftp connections.



I can




  • successfully ping the server

  • make hard reboots via the web UI from my hoster

  • I know for a fact that cronjobs are still running


  • I get every few minutes emails with errors from the cronjobs (Boinc got uninstalled in the upgrade process so it obviously can't be started; and the Nextcloud cronjob fails since Postgres doesn't seem to be running)


  • since it is a remote server and I don't have any access I can't run any commands or read/write any files


I'm normally using a connection manager, but in the hope to get some more information than "connection refused" I also tried directly to execute it in the console, result:



[croydon ~]$ ssh -vvv <sever-ip>

OpenSSH_7.9p1, OpenSSL 1.1.1 FIPS  11 Sep 2018

debug1: Reading configuration data /etc/ssh/ssh_config

debug3: /etc/ssh/ssh_config line 52: Including file /etc/ssh/ssh_config.d/05-redhat.conf depth 0

debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf

debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 2: Including file /etc/crypto-policies/back-ends/openssh.config depth 1

debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config

debug3: gss kex names ok: [gss-gex-sha1-,gss-group14-sha1-,gss-group1-sha1-]

debug3: kex names ok: [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]

debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 8: Applying options for *

debug2: resolve_canonicalize: hostname <sever-ip> is address

debug2: ssh_connect_direct

debug1: Connecting to <sever-ip> [<sever-ip>] port 22.

debug1: connect to address <sever-ip> port 22: Connection refused

ssh: connect to host <sever-ip> port 22: Connection refused


I read that Ubuntu 18.04 doesn't accept some older ciphers, but I guess this log rules this potential issue out.



Is there any hope for recovery, if so what can I do?






upgrade ssh data-recovery connection sftp







share|improve this question









New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • Did you open port 22 in the firewall?
    – heynnema
    yesterday










  • My local machine is unchanged, I updated my server, which refuses the connection. I didn't change my server firewall manually, so I would assume that the port is still open.
    – Croydon
    yesterday










  • You should contact your hoster. Normally you also have console access to your VM, where you should be able to login locally and check things like firewall and if the sshd is running.
    – Thomas
    yesterday














1












1








1







I upgraded my remote hosted server from 16.04 to 18.04. The first steps seemed to go fine without any errors or warnings. Until the reboot step.



I confirmed the reboot step. After this the ssh connection got closed of course. I waited for at least 4 hours (I don't know exactly how long, but minimum 4 hours), but I still couldn't got any ssh and sftp connections.



I can




  • successfully ping the server

  • make hard reboots via the web UI from my hoster

  • I know for a fact that cronjobs are still running


  • I get every few minutes emails with errors from the cronjobs (Boinc got uninstalled in the upgrade process so it obviously can't be started; and the Nextcloud cronjob fails since Postgres doesn't seem to be running)


  • since it is a remote server and I don't have any access I can't run any commands or read/write any files


I'm normally using a connection manager, but in the hope to get some more information than "connection refused" I also tried directly to execute it in the console, result:



[croydon ~]$ ssh -vvv <sever-ip>

OpenSSH_7.9p1, OpenSSL 1.1.1 FIPS  11 Sep 2018

debug1: Reading configuration data /etc/ssh/ssh_config

debug3: /etc/ssh/ssh_config line 52: Including file /etc/ssh/ssh_config.d/05-redhat.conf depth 0

debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf

debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 2: Including file /etc/crypto-policies/back-ends/openssh.config depth 1

debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config

debug3: gss kex names ok: [gss-gex-sha1-,gss-group14-sha1-,gss-group1-sha1-]

debug3: kex names ok: [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]

debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 8: Applying options for *

debug2: resolve_canonicalize: hostname <sever-ip> is address

debug2: ssh_connect_direct

debug1: Connecting to <sever-ip> [<sever-ip>] port 22.

debug1: connect to address <sever-ip> port 22: Connection refused

ssh: connect to host <sever-ip> port 22: Connection refused


I read that Ubuntu 18.04 doesn't accept some older ciphers, but I guess this log rules this potential issue out.



Is there any hope for recovery, if so what can I do?






upgrade ssh data-recovery connection sftp







share|improve this question









New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











I upgraded my remote hosted server from 16.04 to 18.04. The first steps seemed to go fine without any errors or warnings. Until the reboot step.



I confirmed the reboot step. After this the ssh connection got closed of course. I waited for at least 4 hours (I don't know exactly how long, but minimum 4 hours), but I still couldn't got any ssh and sftp connections.



I can




  • successfully ping the server

  • make hard reboots via the web UI from my hoster

  • I know for a fact that cronjobs are still running


  • I get every few minutes emails with errors from the cronjobs (Boinc got uninstalled in the upgrade process so it obviously can't be started; and the Nextcloud cronjob fails since Postgres doesn't seem to be running)


  • since it is a remote server and I don't have any access I can't run any commands or read/write any files


I'm normally using a connection manager, but in the hope to get some more information than "connection refused" I also tried directly to execute it in the console, result:



[croydon ~]$ ssh -vvv <sever-ip>

OpenSSH_7.9p1, OpenSSL 1.1.1 FIPS  11 Sep 2018

debug1: Reading configuration data /etc/ssh/ssh_config

debug3: /etc/ssh/ssh_config line 52: Including file /etc/ssh/ssh_config.d/05-redhat.conf depth 0

debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf

debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 2: Including file /etc/crypto-policies/back-ends/openssh.config depth 1

debug1: Reading configuration data /etc/crypto-policies/back-ends/openssh.config

debug3: gss kex names ok: [gss-gex-sha1-,gss-group14-sha1-,gss-group1-sha1-]

debug3: kex names ok: [curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1]

debug1: /etc/ssh/ssh_config.d/05-redhat.conf line 8: Applying options for *

debug2: resolve_canonicalize: hostname <sever-ip> is address

debug2: ssh_connect_direct

debug1: Connecting to <sever-ip> [<sever-ip>] port 22.

debug1: connect to address <sever-ip> port 22: Connection refused

ssh: connect to host <sever-ip> port 22: Connection refused


I read that Ubuntu 18.04 doesn't accept some older ciphers, but I guess this log rules this potential issue out.



Is there any hope for recovery, if so what can I do?






upgrade ssh data-recovery connection sftp




upgrade ssh data-recovery connection sftp






share|improve this question









New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited yesterday









WinEunuuchs2Unix

43.2k1075163




43.2k1075163






New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 2 days ago









Croydon

164




164




New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • Did you open port 22 in the firewall?
    – heynnema
    yesterday










  • My local machine is unchanged, I updated my server, which refuses the connection. I didn't change my server firewall manually, so I would assume that the port is still open.
    – Croydon
    yesterday










  • You should contact your hoster. Normally you also have console access to your VM, where you should be able to login locally and check things like firewall and if the sshd is running.
    – Thomas
    yesterday


















  • Did you open port 22 in the firewall?
    – heynnema
    yesterday










  • My local machine is unchanged, I updated my server, which refuses the connection. I didn't change my server firewall manually, so I would assume that the port is still open.
    – Croydon
    yesterday










  • You should contact your hoster. Normally you also have console access to your VM, where you should be able to login locally and check things like firewall and if the sshd is running.
    – Thomas
    yesterday
















Did you open port 22 in the firewall?
– heynnema
yesterday




Did you open port 22 in the firewall?
– heynnema
yesterday












My local machine is unchanged, I updated my server, which refuses the connection. I didn't change my server firewall manually, so I would assume that the port is still open.
– Croydon
yesterday




My local machine is unchanged, I updated my server, which refuses the connection. I didn't change my server firewall manually, so I would assume that the port is still open.
– Croydon
yesterday












You should contact your hoster. Normally you also have console access to your VM, where you should be able to login locally and check things like firewall and if the sshd is running.
– Thomas
yesterday




You should contact your hoster. Normally you also have console access to your VM, where you should be able to login locally and check things like firewall and if the sshd is running.
– Thomas
yesterday










1 Answer
1






active

oldest

votes


















1














Actually, turned out my provider has a rescue mode in which I could figure out the problem and fix it.



The OpenSSH version got update to a newer one. My OpenSSH configuration was invalid with the current version. I needed to remove hmac-ripemd160 from the MAC list and that was all (at least for this problem).



OpenSSH should really working on better error messages and/or upgrade processes. Getting locked out is not that much fun.






share|improve this answer








New contributor




Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.


















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });






    Croydon is a new contributor. Be nice, and check out our Code of Conduct.










    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1104765%2fserver-after-upgrade-from-16-04-to-18-04-ssh-and-ftp-refuses-connections%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    Actually, turned out my provider has a rescue mode in which I could figure out the problem and fix it.



    The OpenSSH version got update to a newer one. My OpenSSH configuration was invalid with the current version. I needed to remove hmac-ripemd160 from the MAC list and that was all (at least for this problem).



    OpenSSH should really working on better error messages and/or upgrade processes. Getting locked out is not that much fun.






    share|improve this answer








    New contributor




    Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.























      1














      Actually, turned out my provider has a rescue mode in which I could figure out the problem and fix it.



      The OpenSSH version got update to a newer one. My OpenSSH configuration was invalid with the current version. I needed to remove hmac-ripemd160 from the MAC list and that was all (at least for this problem).



      OpenSSH should really working on better error messages and/or upgrade processes. Getting locked out is not that much fun.






      share|improve this answer








      New contributor




      Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





















        1












        1








        1






        Actually, turned out my provider has a rescue mode in which I could figure out the problem and fix it.



        The OpenSSH version got update to a newer one. My OpenSSH configuration was invalid with the current version. I needed to remove hmac-ripemd160 from the MAC list and that was all (at least for this problem).



        OpenSSH should really working on better error messages and/or upgrade processes. Getting locked out is not that much fun.






        share|improve this answer








        New contributor




        Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        Actually, turned out my provider has a rescue mode in which I could figure out the problem and fix it.



        The OpenSSH version got update to a newer one. My OpenSSH configuration was invalid with the current version. I needed to remove hmac-ripemd160 from the MAC list and that was all (at least for this problem).



        OpenSSH should really working on better error messages and/or upgrade processes. Getting locked out is not that much fun.







        share|improve this answer








        New contributor




        Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        share|improve this answer



        share|improve this answer






        New contributor




        Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered yesterday









        Croydon

        164




        164




        New contributor




        Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        Croydon is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






















            Croydon is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            Croydon is a new contributor. Be nice, and check out our Code of Conduct.













            Croydon is a new contributor. Be nice, and check out our Code of Conduct.












            Croydon is a new contributor. Be nice, and check out our Code of Conduct.
















            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1104765%2fserver-after-upgrade-from-16-04-to-18-04-ssh-and-ftp-refuses-connections%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Human spaceflight

            Image
            Human spaceflight From Wikipedia, the free encyclopedia Jump to navigation Jump to search "Space traveler" redirects here. For other uses, see Space traveler (disambiguation). @media all and (max-width:720px){.mw-parser-output .tmulti>.thumbinner{width:100%!important;max-width:none!important}.mw-parser-output .tmulti .tsingle{float:none!important;max-width:none!important;width:100%!important;text-align:center}} Apollo 11 crewmember Buzz Aldrin on the Moon, 1969 International Space Station crewmember Tracy Caldwell Dyson views the Earth, 2010 Space Shuttle Discovery heads into space with a crew aboard, STS-121 in 2006 Inside a space suit on the Canadarm, 1993 Human spaceflight (also referred to as crewed spaceflight or manned spaceflight ) is space travel with a crew or passengers aboard the spacecraft. Spacecraft carrying people may be operated directly, by human crew, or it may be e
            Read more

            Can not write log (Is /dev/pts mounted?) - openpty in Ubuntu-on-Windows?

            Image
            0 1 What exactly does the error message beginning with E: mean? I assume it has to do with the file structure on Ubuntu-on-Windows, but what exactly? The following package was automatically installed and is no longer required: os-prober Use 'apt-get autoremove' to remove it. The following extra packages will be installed: libxslt1.1 The following NEW packages will be installed: libxslt1.1 xmlstarlet 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 435 kB of archives. After this operation, 1023 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libxslt1.1 amd64 1.1.28-2build1 [145 kB] Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe xmlstarlet amd64 1.5.0-1 [290 kB]
            Read more

            File:DeusFollowingSea.jpg

            Image
            File:DeusFollowingSea.jpg From Wikipedia, the free encyclopedia Jump to navigation Jump to search File File history File usage No higher resolution available. DeusFollowingSea.jpg ‎ (238 × 211 pixels, file size: 12 KB, MIME type: image/jpeg ) Summary [ edit ] Media data and Non-free use rationale Description Cover art of the Deus CD Following Sea Author or copyright owner Deus Source (WP:NFCC#4) rocksucker.co.uk Date of publication 2012 Use in article (WP:NFCC#7) Following Sea Purpose of use in article (WP:NFCC#8) to serve as the primary means of visual identification at the top of the article dedicated to the work in question. Not replaceable with free media because (WP:NFCC#1) n.a. Minimal use (WP:NFCC#3) Low res image used in infobox of the article on the album Respect for commercial opportunities (WP:NFCC#2) n.a. Fair use Fair use of co
            Read more