
After I rebooted my server, I can no longer ssh into it. I am running headless Ubuntu 20.04.5. After investigating the problem, I've noticed that all ports on my server appear to be closed (using an open port checker like yougetsignal). I tested that with all ports previously open.
However, sudo netstat -tulpn | grep LISTEN returns that my ports are open. Example for port 22:

tcp6       0      0 :::22                   :::*                    LISTEN      362/sshd: /usr/sbin

telnet localhost 22 also results in a timeout.

My next assumption was that somehow iptables rules were overwritten, so I ran iptables -S | grep '22', still using port 22 as an example. It resulted in:

-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT 

Also, ufw is not installed, nor any other firewall service that I know of.

I am somewhat lost right now, since I can't locate the problem, let alone solve it.
Any help is greatly appreciated.

Update:
nmap localhost has the following output:

Nmap scan report for localhost (127.0.0.1)
Host is up (0.000012s latency).
Other addresses for localhost (not scanned): ::1
Not shown: 985 closed ports
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
53/tcp   open  domain
80/tcp   open  http
110/tcp  open  pop3
143/tcp  open  imap
443/tcp  open  https
465/tcp  open  smtps
587/tcp  open  submission
993/tcp  open  imaps
995/tcp  open  pop3s
3000/tcp open  ppp
3306/tcp open  mysql
8090/tcp open  opsmessaging

However, using nmap to scan from another system returns:

Host is up (0.0011s latency).
Not shown: 995 filtered ports
PORT      STATE  SERVICE
53/tcp    open   domain
143/tcp   open   imap
993/tcp   open   imaps
995/tcp   open   pop3s
40193/tcp closed unknown

So while it appears that the ports are open, they are not reachable from the outside.

  • The listen socket you have posted accepts connections solely for IPv6 connections. Unless you have another line, where the listen socket looks like tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN, this could be the cause of your problems...
    – Martin
    Dec 22, 2022 at 11:34
  • Your ssh is listening on IPv6 only. Is this what you want? Or does your connection work on IPv4? Dec 22, 2022 at 11:43
  • Well, since I can't ssh into the server, I'm forced to use vnc, where I can only see a very limited screen space and can't scroll up. So the output for IPv4 is there 99% certain, I just can't see it.
    – maddes
    Dec 22, 2022 at 12:28
  • you could do a netstat -tulpn | grep ':22'
    – Martin
    Dec 22, 2022 at 12:59
  • Oh, right yes, proves what I expected: tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 362/sshd: /usr/sbin tcp6 0 0 :::22 :::* LISTEN 362/sshd: /usr/sbin
    – maddes
    Dec 22, 2022 at 13:20

1 Answer


I was able to solve this, leaving instructions in case someone stumbles on this thread with the same issue.
The problem is that the iptables rules are not saved after the reboot. Specifically, the IN_public_allow part. It should list all opened ports on your server. If not, you have to append said rules manually with iptables -A IN_public_allow -p tcp --dport [PORT] -j ACCEPT where [PORT] is the port that should be added.
To avoid this after future restarts, you can simply install a package to save and restore the rules automatically with: apt-get install iptables-persistent. Rules can be saved with iptables-save > /etc/iptables/rules.v4 and ip6tables-save > /etc/iptables/rules.v6 for IPv6.
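A check for the situation the answer describes, as an added example that is not part of the original thread: it compares the ports daemons are listening on with the ports that have an ACCEPT rule in the IN_public_allow chain and prints the append commands for the ports that are missing. It assumes the chain is named IN_public_allow as in the answer, takes the socket list from ss -Hltn rather than netstat, and embeds constructed samples of both outputs so it runs offline.

```shell
#!/bin/sh
# Added example, not code from the original question or answer. Compares the
# ports with a listening socket (output of `ss -Hltn`) against the ports that
# have an ACCEPT rule in IN_public_allow (output of `iptables -S IN_public_allow`)
# and reports the ports that answer locally but show as "filtered" from outside.
# Both samples below are constructed; on a live host substitute the real output.

SAMPLE_RULES='-N IN_public_allow
-A IN_public_allow -p tcp -m tcp --dport 53 -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 143 -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 993 -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 995 -j ACCEPT'

SAMPLE_LISTEN='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 0.0.0.0:53 0.0.0.0:*
LISTEN 0 128 0.0.0.0:143 0.0.0.0:*
LISTEN 0 128 *:443 *:*'

# TCP ports that have an ACCEPT rule in IN_public_allow, sorted, one per line.
allowed_ports() {
    printf '%s\n' "$1" | awk '/^-A IN_public_allow / && /-j ACCEPT/ {
        for (i = 1; i < NF; i++) if ($i == "--dport") print $(i + 1) }' | sort -nu
}

# TCP ports with a listening socket that is not bound to loopback only.
listening_ports() {
    printf '%s\n' "$1" | awk '$1 == "LISTEN" {
        n = split($4, part, ":"); port = part[n]
        host = substr($4, 1, length($4) - length(port) - 1)
        if (host != "127.0.0.1" && host != "[::1]") print port }' | sort -nu
}

# Listening ports with no ACCEPT rule: reachable locally, unreachable remotely.
missing_rules() {
    allowed=$(allowed_ports "$2")
    listening_ports "$1" | while read -r port; do
        printf '%s\n' "$allowed" | grep -qx "$port" || printf '%s\n' "$port"
    done
}

# The append command from the answer, one per missing port, printed for review
# before it is run (and before the rules are saved with iptables-save).
suggest_rules() {
    missing_rules "$1" "$2" | while read -r port; do
        printf 'iptables -A IN_public_allow -p tcp --dport %s -j ACCEPT\n' "$port"
    done
}

suggest_rules "$SAMPLE_LISTEN" "$SAMPLE_RULES"
```

IPv6 listeners (the tcp6 line in the question) are filtered by ip6tables, so the same comparison should be run against ip6tables -S IN_public_allow as well.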
